 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.15753 |
| Category: | Denial of Service |
| Title: | Multiple Vendor DNS Response Flooding DoS Vulnerability |
| Summary: | Multiple DNS vendors are reported susceptible to a denial of; service (DoS) vulnerability. |
| Description: | Summary: Multiple DNS vendors are reported susceptible to a denial of service (DoS) vulnerability. Vulnerability Insight: This vulnerability results in vulnerable DNS servers entering into an infinite query and response message loop, leading to the consumption of network and CPU resources, and denying DNS service to legitimate users. Vulnerability Impact: An attacker may exploit this flaw by finding two vulnerable servers and set up a 'ping-pong' attack between the two hosts. Affected Software/OS: Axis Communication, dnrd, Don Moore and Posadis are know affected vendors. Solution: Please see the reference for platform specific remediations. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0789 BugTraq ID: 11642 http://www.securityfocus.com/bid/11642 http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf http://securitytracker.com/id?1012157 http://secunia.com/advisories/13145 XForce ISS Database: dns-localhost-dos(17997) https://exchange.xforce.ibmcloud.com/vulnerabilities/17997 |
| Copyright | Copyright (C) 2004 Cedric Tissieres, Objectif Securite |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |