Vulnerabilities > CVE-2007-1644 - Denial-Of-Service vulnerability in Microsoft ALL Windows Abstractcpe

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

microsoft

critical

exploit available

NVD

Published: 2007-03-24

Updated: 2017-10-11

Summary

The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft ALL Windows Abstract_Cpe	1

Exploit-Db

description	Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit. CVE-2007-1644. Remote exploit for windows platform
file	exploits/windows/remote/3544.c
id	EDB-ID:3544
last seen	2016-01-31
modified	2007-03-22
platform	windows
port
published	2007-03-22
reporter	Andres Tarasco
source	https://www.exploit-db.com/download/3544/
title	Microsoft DNS Server - Dynamic DNS Updates Remote Exploit
type	remote

Summary

Vulnerable Configurations

Exploit-Db

References