VYPR
Unrated severityNVD Advisory· Published Nov 14, 2007· Updated Jun 16, 2026

CVE-2007-3898

CVE-2007-3898

Description

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

36
  • cpe:2.3:o:microsoft:windows_2000:*:gold:*:*:*:*:*:*+ 19 more
    • cpe:2.3:o:microsoft:windows_2000:*:gold:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:gold:adv_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:gold:datacenter_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:gold:srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:adv_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:datacenter_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp1:srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:adv_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:datacenter_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp2:srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp3:adv_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp3:datacenter_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp3:srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp4:adv_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp4:datacenter_srv:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2000:*:sp4:srv:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:*:gold:*:*:*:*:*:*+ 13 more
    • cpe:2.3:o:microsoft:windows_2003_server:*:gold:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:gold:std:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64-std:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:std:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:std:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2003:*:-:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • Range: 2000 Server SP4, Server 2003 SP1 and SP2
  • Range: 2000 Server SP4, Server 2003 SP1 and SP2

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.