Lucene search
K

2014 matches found

Tenable Nessus
Tenable Nessus
added 2001/01/16 12:0 a.m.967 views

DNS Server Zone Transfer Information Disclosure (AXFR)

The remote name server allows DNS zone transfers to be performed. A zone transfer lets a remote attacker instantly populate a list of potential targets. In addition, companies often use a naming convention that can give hints as to a servers primary application for instance, proxy.example.com,...

5.5AI score0.68535EPSS
Exploits7References2
securityvulns
securityvulns
added 2000/11/08 12:0 a.m.32 views

Possible DOS in Bind 8.2.2-P5

Hi, playing with bind and ZXFR feature zone transfer compressed with a possible insecure execlp"gzip", "gzip", NULL; , i discovered a Denial Of Service against Bind 8.2.2-P5 . By default Bind 8.2.2-P5 it's not compiled with ZXFR support unless you define it with define BINDZXFR so it will refuse...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/10/27 12:0 a.m.2766 views

DNS Server Recursive Query Cache Poisoning Weakness

It is possible to query the remote name server for third-party names. If this is your internal nameserver, then the attack vector may be limited to employees or guest access if allowed. If you are probing a remote nameserver, then it allows anyone to use it to resolve third party names such as...

5CVSS5.6AI score0.04935EPSS
Exploits0References2
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.35 views

CVE-1999-0532

A DNS server allows zone transfers...

6.4AI score0.68535EPSS
Exploits7References1
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.16 views

CVE-1999-0533

A DNS server allows inverse queries...

6.7AI score0.01489EPSS
Exploits0References1
CVE
CVE
added 2000/02/04 5:0 a.m.125 views

CVE-1999-0532

CVE-1999-0532 denotes a DNS zone transfer disclosure. The provided connected docs confirm that a DNS server may allow AXFR zone transfers, enabling an attacker to enumerate zone data. Evidence includes references to a Metasploit DNS enumeration module and various scanners (OpenVAS, Nessus plugin)...

6.4AI score0.68535EPSS
Exploits7References2
CVE
CVE
added 2000/02/04 5:0 a.m.44 views

CVE-1999-0533

CVE-1999-0533 describes a vulnerability in a DNS server that allows inverse queries. Connected documents confirm the issue but do not specify affected products/versions, root cause in code, or a fix. Red Hat, NVD, CVE listings reiterate the description and provide no remediation details. PT-1997-...

7.5CVSS7.4AI score0.01489EPSS
Exploits0References1
Packet Storm
Packet Storm
added 1999/11/12 12:0 a.m.33 views

bind.nxt.txt

http://www.isc.org/products/BIND/bind-security-19991108.html Name: "nxt bug" Versions affected: 8.2, 8.2 patchlevel 1, 8.2.1 Severity: CRITICAL Exploitable: Remotely Type: Access possible Description: A bug in the processing of NXT records can theoretically allow an attacker to gain access to the...

7.4AI score
Exploits0
CVE
CVE
added 1999/09/29 4:0 a.m.123 views

CVE-1999-0184

CVE-1999-0184 affects bind when built with the -DALLOW_UPDATES option, enabling dynamic updates to the DNS server and allowing malicious modification of DNS records. The vulnerability is tied to enabling dynamic updates in the DNS server, with impact described as potential modification of records...

6.4CVSS6.8AI score0.01909EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.25 views

WindowsNT DNS Server Character Saturation DoS

We could make the remote DNS server crash by flooding it with characters. It is likely a WindowsNT DNS server. Crashing the DNS server could allow an attacker to make your network non-functional, or even to use some DNS spoofing techniques to gain privileges on the network. C Tenable Network...

5CVSS5.6AI score0.05922EPSS
Exploits0References2
NVD
NVD
added 1997/07/01 4:0 a.m.10 views

CVE-1999-0533

A DNS server allows inverse queries...

7.5CVSS0.01489EPSS
Exploits0References1
NVD
NVD
added 1997/07/01 4:0 a.m.36 views

CVE-1999-0532

A DNS server allows zone transfers...

0.68535EPSS
Exploits7References2
NVD
NVD
added 1997/07/01 4:0 a.m.15 views

CVE-1999-0184

When compiled with the -DALLOWUPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records...

6.4CVSS0.01909EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1997/07/01 12:0 a.m.4 views

PT-1997-1152

Name of the Vulnerable Software and Affected Versions DNS server affected versions not specified Description The issue concerns a DNS server that allows zone transfers. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

6.4AI score0.68535EPSS
Exploits7References9
Rows per page
Query Builder