Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-6043
HistoryNov 20, 2007 - 7:46 p.m.

CVE-2007-6043

2007-11-2019:46:00
CWE-200
[email protected]
web.nvd.nist.gov
26
cryptgenrandom
microsoft
windows 2000
predictable values
cryptographic mechanisms
rc4 cipher
cve-2007-6043
cve-2007-3898

6.5 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

54.4%

JSON

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898.

Related

cvelist 3
prion 3
checkpoint_advisories 4
securityvulns 3
seebug 1
cve 2
nessus 2
cert 1
cvelist
cvelist
CVE-2007-6043
2022-10-03 16:14:28
CVE-2007-3898
2007-11-14 01:00:00
CVE-2008-6194
2009-02-19 18:00:00
prion
prion
Design/Logic Flaw
2007-11-20 19:46:00
Design/Logic Flaw
2007-11-14 01:46:00
Memory corruption
2009-02-19 18:30:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Microsoft Windows DNS Server Spoofing Vulnerability (MS07-062)
2007-11-18 00:00:00
Microsoft Windows DNS Server Spoofing - Ver2 (CVE-2007-3898)
2015-05-18 00:00:00
Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)
2014-03-23 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS07-062 – Important Vulnerability in DNS Could Allow Spoofing (941672)
2007-11-14 00:00:00
[Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server
2007-11-14 00:00:00
Microsoft Windows DNS server and DNS client DNS reply spoofing
2008-07-09 00:00:00
seebug
seebug
Microsoft Windows递归DNS欺骗漏洞(MS07-062)
2007-11-15 00:00:00
cve
cve
CVE-2007-3898
2007-11-14 01:46:00
CVE-2008-6194
2009-02-19 18:30:00
nessus
nessus
MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check)
2014-03-05 00:00:00
MS07-062: Vulnerability in DNS Could Allow Spoofing (941672)
2007-11-13 00:00:00
cert
cert
Microsoft Windows DNS Server vulnerable to cache poisoning
2007-11-13 00:00:00

6.5 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

54.4%

JSON
Related for CVE-2007-6043
cvelist3prion3checkpoint_advisories4securityvulns3seebug1cve2nessus2cert1