CVE-2006-0988

Name of the Vulnerable Software and Affected Versions Windows Server 2003 (affected versions not specified) Windows 2000 (affected versions not specified) Windows NT 4.0 (affected versions not specified)

Description The default configuration of the DNS Server service allows recursive queries and provides additional delegation information to arbitrary IP addresses. This allows remote attackers to cause a denial of service via DNS queries with spoofed source IP addresses, resulting in traffic amplification.

Recommendations For Windows Server 2003, consider disabling recursive queries to prevent traffic amplification. For Windows 2000, restrict access to the DNS Server service to minimize the risk of exploitation. For Windows NT 4.0, limit the delegation information provided by the Microsoft DNS Server service to reduce the impact of spoofed DNS queries. At the moment, there is no information about a newer version that contains a fix for this vulnerability.