CVE-2006-0988

2006-03-0311:02:00

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.01

Percentile

83.5%

JSON

The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.

Affected configurations

Nvd

Node

microsoftwindows_2000

microsoftwindows_2003_serverMatchr2

microsoftwindows_ntMatch4.0

VendorProductVersionCPE
microsoftwindows_2000*cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
microsoftwindows_2003_serverr2cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
microsoftwindows_nt4.0cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_2000	*	cpe:2.3:o:microsoft:windows_2000::::::::
microsoft	windows_2003_server	r2	cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*
microsoft	windows_nt	4.0	cpe:2.3:o:microsoft:windows_nt:4.0:::::::*