VYPR

Windows NT DNS Server

by Microsoft

CVEs (7)

  • CVE-2017-0171MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.04

    Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability".

  • CVE-2007-1644Mar 24, 2007
    risk 0.06cvss epss 0.33

    The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM)…

  • CVE-2005-0050May 2, 2005
    risk 0.04cvss epss 0.47

    The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary…

  • CVE-2009-0234Mar 11, 2009
    risk 0.03cvss epss 0.34

    The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by…

  • CVE-2009-0233Mar 11, 2009
    risk 0.02cvss epss 0.27

    The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which makes it easier for remote…

  • CVE-2009-0093Mar 11, 2009
    risk 0.01cvss epss 0.17

    Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) feature, and…

  • CVE-1999-0274Jan 1, 1997
    risk 0.00cvss epss 0.06

    Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.