Critical severity9.8NVD Advisory· Published Apr 14, 2000· Updated Apr 16, 2026

CVE-2000-1218

Description

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

Affected products

Microsoft/Windows 2000
cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
Microsoft/Windows 98
cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*
Microsoft/Windows 98se
cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*
Microsoft/Windows Nt
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
Microsoft/Windows Xp
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/458659nvdThird Party AdvisoryUS Government Resource
exchange.xforce.ibmcloud.com/vulnerabilities/4280nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000