CVE-2012-1194

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

Published: Feb 17, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1194
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2008	--gold	--gold.x
microsoft / windows_server_2008	-	-.x

https://www.isc.org/files/imce/ghostdomain_camera.pdf

Vulnerability Database

289,571

CVE-2012-1194