CVE-2007-1644

CVE Database · CVE-2007-1644

CVE-2007-1644

· N/AModified

CVSS v3.1

N/A

EPSS

32.56%

Published

Mar 23, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft DNS Server - Dynamic DNS Update/Change TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).

Affected Products (1)

microsoft · all_windowsvulnerable

References (6)

http://osvdb.org/43603

https://exchange.xforce.ibmcloud.com/vulnerabilities/33473

https://www.exploit-db.com/exploits/3544

http://osvdb.org/43603

https://exchange.xforce.ibmcloud.com/vulnerabilities/33473

https://www.exploit-db.com/exploits/3544

KEV Catalog EPSS Scores Vendors All CVEs