CVE-2007-1644

Microsoft Windows DNS Server - Unauthenticated DNS Record Manipulation via Dynamic Update Mechanism

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1644. PoCs published by Andres Tarasco.

AI-analyzed exploit summary This exploit demonstrates DNS record manipulation via insecure dynamic updates in Microsoft DNS servers. It allows creation, modification, and deletion of DNS records, enabling MITM, DoS, or pharming attacks.

Description

The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).

Exploits (1)

exploitdb WORKING POC VERIFIED
by Andres Tarasco · cremotewindows
https://www.exploit-db.com/exploits/3544

This exploit demonstrates DNS record manipulation via insecure dynamic updates in Microsoft DNS servers. It allows creation, modification, and deletion of DNS records, enabling MITM, DoS, or pharming attacks.

Classification
Working Poc 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: Microsoft DNS Server (with insecure dynamic updates enabled)
No auth needed
Prerequisites: Network access to vulnerable DNS server · Insecure dynamic updates enabled on target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33473
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/43603
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3544

Scores

EPSS 0.3256
EPSS Percentile 98.1%

Details

Status published
Products (1)
microsoft/all_windows abstract_cpe
Published Mar 24, 2007
Tracked Since Feb 18, 2026