Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-6043
HistoryOct 03, 2022 - 4:14 p.m.

CVE-2007-6043

2022-10-0316:14:28
CWE-200
[email protected]
web.nvd.nist.gov
27
cryptgenrandom
microsoft
windows 2000
predictable values
cryptographic mechanisms
rc4 cipher
cve-2007-6043
cve-2007-3898

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.963 High

EPSS

Percentile

99.6%

JSON

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898.

Affected configurations

NVD
Node
microsoftwindows_2000

Related

prion 3
cvelist 3
nvd 3
nessus 2
cert 1
securityvulns 3
checkpoint_advisories 4
cve 2
seebug 1
prion
prion
Design/Logic Flaw
2007-11-20 19:46:00
Design/Logic Flaw
2007-11-14 01:46:00
Memory corruption
2009-02-19 18:30:00
cvelist
cvelist
CVE-2007-6043
2022-10-03 16:14:28
CVE-2007-3898
2007-11-14 01:00:00
CVE-2008-6194
2009-02-19 18:00:00
nvd
nvd
CVE-2007-6043
2007-11-20 19:46:00
CVE-2007-3898
2007-11-14 01:46:00
CVE-2008-6194
2009-02-19 18:30:00
nessus
nessus
MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check)
2014-03-05 00:00:00
MS07-062: Vulnerability in DNS Could Allow Spoofing (941672)
2007-11-13 00:00:00
cert
cert
Microsoft Windows DNS Server vulnerable to cache poisoning
2007-11-13 00:00:00
securityvulns
securityvulns
[Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server
2007-11-14 00:00:00
Microsoft Security Bulletin MS07-062 – Important Vulnerability in DNS Could Allow Spoofing (941672)
2007-11-14 00:00:00
Microsoft Windows DNS server and DNS client DNS reply spoofing
2008-07-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Microsoft Windows DNS Server Spoofing Vulnerability (MS07-062)
2007-11-18 00:00:00
Microsoft Windows DNS Server Spoofing - Ver2 (CVE-2007-3898)
2015-05-18 00:00:00
Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)
2014-03-23 00:00:00
cve
cve
CVE-2007-3898
2007-11-14 01:46:00
CVE-2008-6194
2009-02-19 18:30:00
seebug
seebug
Microsoft Windows递归DNS欺骗漏洞(MS07-062)
2007-11-15 00:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.963 High

EPSS

Percentile

99.6%

JSON
Related for CVE-2007-6043
prion3cvelist3nvd3nessus2cert1securityvulns3checkpoint_advisories4cve2seebug1