The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-03-24T00:00:00
Updated: 2024-08-07T13:06:25.824Z
Reserved: 2007-03-23T00:00:00
Link: CVE-2007-1644
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-03-24T00:19:00.000
Modified: 2017-10-11T01:31:56.220
Link: CVE-2007-1644
Redhat
No data.