Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-6043
HistoryNov 20, 2007 - 7:46 p.m.

CVE-2007-6043

2007-11-2019:46:00
CWE-200
[email protected]
web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.965 High

EPSS

Percentile

99.6%

JSON

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898.

Affected configurations

NVD
Node
microsoftwindows_2000

Related

prion 3
cvelist 3
cve 3
checkpoint_advisories 4
nessus 2
cert 1
nvd 2
securityvulns 3
seebug 1
prion
prion
Design/Logic Flaw
2007-11-20 19:46:00
Design/Logic Flaw
2007-11-14 01:46:00
Memory corruption
2009-02-19 18:30:00
cvelist
cvelist
CVE-2007-6043
2022-10-03 16:14:28
CVE-2007-3898
2007-11-14 01:00:00
CVE-2008-6194
2009-02-19 18:00:00
cve
cve
CVE-2007-6043
2022-10-03 16:14:28
CVE-2007-3898
2007-11-14 01:46:00
CVE-2008-6194
2009-02-19 18:30:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Microsoft Windows DNS Server Spoofing Vulnerability (MS07-062)
2007-11-18 00:00:00
Microsoft Windows DNS Server Spoofing - Ver2 (CVE-2007-3898)
2015-05-18 00:00:00
Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)
2014-03-23 00:00:00
nessus
nessus
MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check)
2014-03-05 00:00:00
MS07-062: Vulnerability in DNS Could Allow Spoofing (941672)
2007-11-13 00:00:00
cert
cert
Microsoft Windows DNS Server vulnerable to cache poisoning
2007-11-13 00:00:00
nvd
nvd
CVE-2007-3898
2007-11-14 01:46:00
CVE-2008-6194
2009-02-19 18:30:00
securityvulns
securityvulns
[Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server
2007-11-14 00:00:00
Microsoft Security Bulletin MS07-062 – Important Vulnerability in DNS Could Allow Spoofing (941672)
2007-11-14 00:00:00
Microsoft Windows DNS server and DNS client DNS reply spoofing
2008-07-09 00:00:00
seebug
seebug
Microsoft Windows递归DNS欺骗漏洞(MS07-062)
2007-11-15 00:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.965 High

EPSS

Percentile

99.6%

JSON
Related for NVD:CVE-2007-6043
prion3cvelist3cve3checkpoint_advisories4nessus2cert1nvd2securityvulns3seebug1