Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.KNOT_DNS_1_5_3.NASL
HistoryNov 06, 2014 - 12:00 a.m.

Knot DNS 1.5.2 Incremental Zone Transfer (IXFR) DoS

2014-11-0600:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

72.3%

JSON

The remote host is running Knot DNS version 1.5.2. It is, therefore, affected by an error that could allow certain Incremental Zone Transfer (IXFR) messages to crash the server.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(78890);
  script_version("1.4");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id("CVE-2014-0486");
  script_bugtraq_id(70097);

  script_name(english:"Knot DNS 1.5.2 Incremental Zone Transfer (IXFR) DoS");
  script_summary(english:"Checks the version of Knot DNS.");

  script_set_attribute(attribute:"synopsis", value:
"The remote DNS server is potentially affected by a denial of service
vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote host is running Knot DNS version 1.5.2. It is, therefore,
affected by an error that could allow certain Incremental Zone
Transfer (IXFR) messages to crash the server.");
  script_set_attribute(attribute:"see_also", value:"https://lists.nic.cz/pipermail/knot-dns-users/2014-September/000507.html");
  script_set_attribute(attribute:"see_also", value:"https://gitlab.labs.nic.cz/labs/knot/issues/294");
  # https://gitlab.labs.nic.cz/labs/knot/commit/7c7236c24cce8f7c3a094163bf3c31858f68e8ca
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?94f30f0a");
  script_set_attribute(attribute:"solution", value:
"Update to version 1.5.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0486");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/06");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/a:cz.nic:knot_dns");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"DNS");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("knot_dns_version.nasl");
  script_require_keys("knot_dns/proto", "Settings/ParanoidReport");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

# May fork
proto = get_kb_item("knot_dns/proto");

port = 53;
version = get_kb_item_or_exit("knot_dns/"+proto+"/version");
num_ver = get_kb_item_or_exit("knot_dns/"+proto+"/num_ver");

if (version =~ "^1(\.5)?$") audit(AUDIT_VER_NOT_GRANULAR, "Knot DNS", port, version);

if (report_paranoia < 2) audit(AUDIT_PARANOID);

fix = "1.5.3";

if (
  version =~ "^1\.5\.2($|[^0-9])" ||
  version =~ "^1\.5\.3-rc\d+"
)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix +
      '\n';
    security_warning(port:port, proto:tolower(proto), extra:report);
  }
  else security_warning(port:port, proto:tolower(proto));
}
else audit(AUDIT_LISTEN_NOT_VULN, "Knot DNS", port, version, proto);

Related

fedora 2
nessus 1
nvd 1
cvelist 1
prion 1
openvas 2
ubuntucve 1
debiancve 1
cve 1
fedora
fedora
[SECURITY] Fedora 21 Update: knot-1.5.2-1.fc21
2014-09-23 04:29:22
[SECURITY] Fedora 20 Update: knot-1.6.3-1.fc20
2015-04-18 09:36:38
nessus
nessus
Fedora 21 : knot-1.5.2-1.fc21 (2014-10507)
2014-09-23 00:00:00
nvd
nvd
CVE-2014-0486
2018-03-27 16:29:00
cvelist
cvelist
CVE-2014-0486
2018-03-27 16:00:00
prion
prion
Code injection
2018-03-27 16:29:00
openvas
openvas
Knot DNS 1.5.2 Denial of Service Vulnerability
2018-04-10 00:00:00
Fedora Update for knot FEDORA-2015-5812
2015-04-19 00:00:00
ubuntucve
ubuntucve
CVE-2014-0486
2018-03-27 00:00:00
debiancve
debiancve
CVE-2014-0486
2018-03-27 16:29:00
cve
cve
CVE-2014-0486
2018-03-27 16:29:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

72.3%

JSON
Related for KNOT_DNS_1_5_3.NASL
fedora2nessus1nvd1cvelist1prion1openvas2ubuntucve1debiancve1cve1