Denial of Service : ISC BIND AXFR Response Denial of Service Vulnerability

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.106118

Kategorie: Denial of Service

Titel: ISC BIND AXFR Response Denial of Service Vulnerability

Zusammenfassung: ISC BIND is prone to a denial of service vulnerability.

Beschreibung: Summary:
ISC BIND is prone to a denial of service vulnerability.

Vulnerability Insight:
Primary DNS servers may cause a denial of service (secondary DNS server
crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client
crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary
DNS server crash) via a large UPDATE message.

Vulnerability Impact:
An authenticated remote attacker may cause a denial of service
condition.

Affected Software/OS:
Version <= 9.10.4-P1.

Solution:
As a workaround operators of servers which
accept untrusted zone data can mitigate their risk by operating an intermediary
server whose role it is to receive zone data and then (if successful)
re-distribute it to client-facing servers. Successful exploitation of the
attack against the intermediary server may still occur but denial of service
against the client-facing servers is significantly more difficult to achieve
in this scenario.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-6170
1036241
http://www.securitytracker.com/id/1036241
91611
http://www.securityfocus.com/bid/91611
GLSA-201610-07
https://security.gentoo.org/glsa/201610-07
[dns-operations] 20160704 DNS activities in Japan
https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html
[dns-operations] 20160706 DNS activities in Japan
https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015073.html
https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015075.html
[oss-security] 20160706 Malicious primary DNS servers can crash secondaries
http://www.openwall.com/lists/oss-security/2016/07/06/3
https://bugzilla.redhat.com/show_bug.cgi?id=1353563
https://github.com/sischkg/xfer-limit/blob/master/README.md
https://kb.isc.org/article/AA-01390
https://kb.isc.org/article/AA-01390/169/CVE-2016-6170

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.106118
Kategorie:	Denial of Service
Titel:	ISC BIND AXFR Response Denial of Service Vulnerability
Zusammenfassung:	ISC BIND is prone to a denial of service vulnerability.
Beschreibung:	Summary: ISC BIND is prone to a denial of service vulnerability. Vulnerability Insight: Primary DNS servers may cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message. Vulnerability Impact: An authenticated remote attacker may cause a denial of service condition. Affected Software/OS: Version <= 9.10.4-P1. Solution: As a workaround operators of servers which accept untrusted zone data can mitigate their risk by operating an intermediary server whose role it is to receive zone data and then (if successful) re-distribute it to client-facing servers. Successful exploitation of the attack against the intermediary server may still occur but denial of service against the client-facing servers is significantly more difficult to achieve in this scenario. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6170 1036241 http://www.securitytracker.com/id/1036241 91611 http://www.securityfocus.com/bid/91611 GLSA-201610-07 https://security.gentoo.org/glsa/201610-07 [dns-operations] 20160704 DNS activities in Japan https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html [dns-operations] 20160706 DNS activities in Japan https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015073.html https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015075.html [oss-security] 20160706 Malicious primary DNS servers can crash secondaries http://www.openwall.com/lists/oss-security/2016/07/06/3 https://bugzilla.redhat.com/show_bug.cgi?id=1353563 https://github.com/sischkg/xfer-limit/blob/master/README.md https://kb.isc.org/article/AA-01390 https://kb.isc.org/article/AA-01390/169/CVE-2016-6170
Copyright	Copyright (C) 2016 Greenbone AG