sischkg - Security Researcher - Exploit Intelligence Platform

CVE-2018-5740 NOMISEC HIGH WORKING POC

BIND 9.7.0-9.13.2 - Reachable Assertion in deny-answer-aliases

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.

3 stars

CVSS 7.5

View Code

CVE-2016-6170 WRITEUP MEDIUM WRITEUP

ISC BIND < 9.9.8, 9.10.x < 9.10.4-P1, 9.11.x < 9.11.0b1 - Denial of Service via Large AXFR/IXFR/UPDATE Responses

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

CVSS 6.5

View Code

CVE-2016-6171 WRITEUP HIGH WRITEUP

Knot DNS < 2.3.0 - Denial of Service via Large Zone Transfer

Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.

CVSS 8.6

View Code

CVE-2016-6172 WRITEUP MEDIUM WRITEUP

PowerDNS <4.0.1 - DoS

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.

CVSS 6.8

View Code

CVE-2016-6173 WRITEUP HIGH WRITEUP

NSD < 4.1.11 - Denial of Service via Unlimited Zone Transfer

NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.

CVSS 7.5

View Code