Copyright (C) 2013 Greenbone AGOPENVAS:1361412562310803552Nmap NSE 6.01: dns-random-txid
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%
Checks a DNS server for the predictable-TXID DNS recursion vulnerability. Predictable TXID values
can make a DNS server vulnerable to cache poisoning attacks (see CVE-2008-1447).
The script works by querying txidtest.dns-oarc.net (see the references). Be aware that any targets against which this script is run will
be sent to and potentially recorded by one or more DNS servers and the txidtest server. In addition
your IP address will be sent along with the txidtest query to the DNS server running on the target.
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.803552");
script_version("2023-07-28T16:09:07+0000");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
script_tag(name:"last_modification", value:"2023-07-28 16:09:07 +0000 (Fri, 28 Jul 2023)");
script_tag(name:"creation_date", value:"2013-02-28 19:00:41 +0530 (Thu, 28 Feb 2013)");
script_name("Nmap NSE 6.01: dns-random-txid");
script_category(ACT_ATTACK);
script_tag(name:"qod_type", value:"remote_analysis");
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("Nmap NSE");
script_xref(name:"URL", value:"https://www.dns-oarc.net/oarc/services/txidtest");
script_tag(name:"summary", value:"Checks a DNS server for the predictable-TXID DNS recursion vulnerability. Predictable TXID values
can make a DNS server vulnerable to cache poisoning attacks (see CVE-2008-1447).
The script works by querying txidtest.dns-oarc.net (see the references). Be aware that any targets against which this script is run will
be sent to and potentially recorded by one or more DNS servers and the txidtest server. In addition
your IP address will be sent along with the txidtest query to the DNS server running on the target.");
script_tag(name:"solution_type", value:"Mitigation");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);
References
Related
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%