Executive Summary
Informations | |||
---|---|---|---|
Name | TA15-103A | First vendor Publication | 2015-04-13 |
Vendor | US-CERT | Last vendor Modification | 2015-04-13 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 0 | Attack Range | Network |
Cvss Impact Score | 0 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Overview A remote unauthenticated user may request a DNS zone transfer from a public-facing DNS server. If improperly configured, the DNS server may respond with information about the requested zone, revealing internal network structure and potentially sensitive information. DescriptionAXFR is a protocol for “zone transfers” for replication of DNS data across multiple DNS servers. Unlike normal DNS queries that require the user to know some DNS information ahead of time, AXFR queries reveal subdomain names [1]. Because a zone transfer is a single query, it could be used by an adversary to efficiently obtain DNS data. A well-known problem with DNS is that zone transfer requests can disclose domain information; for example, see CVE-1999-0532 and a 2002 CERT/CC white paper [2][3]. However, the issue has regained attention due to recent Internet scans still showing a large number of misconfigured DNS servers. Open-source, tested scripts are now available to scan for the possible exposure, increasing the likelihood of exploitation [4]. ImpactA remote unauthenticated user may observe internal network structure, learning information useful for other directed attacks. SolutionConfigure your DNS server to respond only to zone transfer (AXFR) requests from known IP addresses. Many open-source resources give instructions on reconfiguring your DNS server. For example, see this AXFR article for information on testing and fixing the configuration of a BIND DNS server. US-CERT does not endorse or support any particular product or vendor. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA15-103A.html |
SAINT Exploits
Description | Link |
---|---|
DNS zone transfer | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2005-11-03 | Name : DNS AXFR File : nvt/dns_xfer.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
492 | DNS Zone Transfer Information Disclosure DNS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the host's DNS name server allows zone transfers to replicate zone information between master and slave DNS servers. If zone transfers have not been restricted to authorized slave servers only, a remote attacker could disclose sensitive network information resulting in a loss of confidentiality. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | dns zone transfer via TCP detected RuleID : 255-community - Revision : 24 - Type : PROTOCOL-DNS |
2014-01-10 | dns zone transfer via UDP detected RuleID : 1948-community - Revision : 20 - Type : PROTOCOL-DNS |
2014-01-10 | dns zone transfer via UDP detected RuleID : 1948 - Revision : 20 - Type : PROTOCOL-DNS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2001-01-16 | Name : The remote name server allows zone transfers File : dns_xfer.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-04-14 05:25:19 |
|