Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310106121
HistoryJul 08, 2016 - 12:00 a.m.

NSD (Name Server Daemon) AXFR Response Denial of Service Vulnerability

2016-07-0800:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.017 Low

EPSS

Percentile

87.8%

JSON

NSD (Name Server Daemon) is prone to a denial of service vulnerability.

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:nlnetlabs:nsd";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.106121");
  script_version("2023-07-21T05:05:22+0000");
  script_tag(name:"last_modification", value:"2023-07-21 05:05:22 +0000 (Fri, 21 Jul 2023)");
  script_tag(name:"creation_date", value:"2016-07-08 10:27:46 +0700 (Fri, 08 Jul 2016)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2017-02-24 21:14:00 +0000 (Fri, 24 Feb 2017)");
  script_cve_id("CVE-2016-6173");
  script_name("NSD (Name Server Daemon) AXFR Response Denial of Service Vulnerability");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Denial of Service");
  script_dependencies("nsd_version.nasl");
  script_mandatory_keys("nsd/installed");

  script_xref(name:"URL", value:"http://www.openwall.com/lists/oss-security/2016/07/06/3");
  script_xref(name:"URL", value:"https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html");
  script_xref(name:"URL", value:"http://www.nlnetlabs.nl/svn/nsd/trunk/doc/RELNOTES");

  script_tag(name:"summary", value:"NSD (Name Server Daemon) is prone to a denial of service vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Primary DNS servers may cause a denial of service (secondary DNS server
  crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client
  crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary
  DNS server crash) via a large UPDATE message");

  script_tag(name:"impact", value:"An authenticated remote attacker may cause a denial of service
  condition.");

  script_tag(name:"affected", value:"Version <= 4.1.10");

  script_tag(name:"solution", value:"Update to version 4.1.11.");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");
  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"https://www.nlnetlabs.nl/projects/nsd/");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if( ! port = get_app_port( cpe:CPE ) ) exit( 0 );
if( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) ) exit( 0 );

version = infos["version"];
proto = infos["proto"];

if( version_is_less_equal( version:version, test_version:"4.1.10" ) ) {
  report = report_fixed_ver( installed_version:version, fixed_version:"4.1.11" );
  security_message( data:report, port:port, proto:proto );
  exit( 0 );
}

exit( 99 );

Related

nessus 3
openvas 2
fedora 2
cve 1
prion 1
osv 1
ubuntucve 1
debiancve 1
freebsd 1
nessus
nessus
Fedora 25 : nsd (2016-9960d370f7)
2016-11-15 00:00:00
Fedora 24 : nsd (2016-e1d4972701)
2016-10-12 00:00:00
FreeBSD : BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers (7d08e608-5e95-11e6-b334-002590263bf5)
2016-08-10 00:00:00
openvas
openvas
Fedora Update for nsd FEDORA-2016-e1d4972701
2016-11-14 00:00:00
Fedora Update for nsd FEDORA-2016-9960d370f7
2016-12-07 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: nsd-4.1.13-1.fc25
2016-10-10 18:17:47
[SECURITY] Fedora 24 Update: nsd-4.1.13-1.fc24
2016-10-11 20:01:50
cve
cve
CVE-2016-6173
2017-02-09 15:59:00
prion
prion
Code injection
2017-02-09 15:59:00
osv
osv
CVE-2016-6173
2017-02-09 15:59:01
ubuntucve
ubuntucve
CVE-2016-6173
2017-02-09 00:00:00
debiancve
debiancve
CVE-2016-6173
2017-02-09 15:59:00
freebsd
freebsd
BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers
2016-07-06 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.017 Low

EPSS

Percentile

87.8%

JSON
Related for OPENVAS:1361412562310106121
nessus3openvas2fedora2cve1prion1osv1ubuntucve1debiancve1freebsd1