CVE-2012-1194

Exploit

EPSS 9.68%
Published 17.02.2012 22:55:00
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

Affected products Warnungen 0 Metrics 2 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows Server 2008 Updatesp2 Version <= -

Microsoft ≫ Windows Server 2008 Version-

Microsoft ≫ Windows Server 2008 Version- Updategold

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	9.68%	0.921

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:N/I:P/A:P

https://www.isc.org/files/imce/ghostdomain_camera.pdf

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2012-1194

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1194

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1194

EUVD