CVE-2000-1218 Information

Description

The default configuration for the domain name resolver for Microsoft Windows 98 NT 4.0 2000 and XP sets the QueryIpMatching parameter to 0 which causes Windows to accept DNS updates from hosts that it did not query which allows remote attackers to poison the DNS cache.

Reference

http://www.kb.cert.org/vuls/id/458659 https://exchange.xforce.ibmcloud.com/vulnerabilities/4280