nginx 0.6.18-1.20.0 - Denial of Service via DNS Resolver Off-by-one Error
Exploitation Summary
EIP tracks 11 public exploits for CVE-2021-23017. PoCs published by Mohammed Alshehri, M507, 6lj.
AI-analyzed exploit summary: This exploit leverages a DNS response parsing vulnerability in Nginx (CVE-2021-23017) to trigger a denial-of-service (DoS) condition. It performs ARP poisoning to intercept DNS traffic and crafts a malicious DNS response to exploit the flaw in Nginx's resolver.
Description
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
Exploits (11)
This exploit leverages a DNS response parsing vulnerability in Nginx (CVE-2021-23017) to trigger a denial-of-service (DoS) condition. It performs ARP poisoning to intercept DNS traffic and crafts a malicious DNS response to exploit the flaw in Nginx's resolver.
This PoC exploits CVE-2021-23017, a DNS cache poisoning vulnerability, by sending crafted DNS responses to a target. It uses ARP poisoning to intercept DNS traffic and injects malicious DNS replies to manipulate cache entries.
This repository contains functional exploit code for CVE-2021-23017, a DNS-related DoS vulnerability in NGINX servers (versions 0.6.18–1.20.0). The PoC sends malicious DNS responses with long domain names to crash the target NGINX server, with enhancements for firewall bypass and parallel execution.
This PoC exploits CVE-2021-23017, a 1-byte memory overwrite vulnerability in nginx's resolver when processing forged DNS responses. It uses ARP poisoning to intercept DNS traffic and crafts malicious DNS responses to trigger the vulnerability.
This PoC exploits CVE-2021-23017, a DNS cache poisoning vulnerability in NXNSAttack, by crafting malicious DNS responses to poison the cache of a target DNS server. It uses ARP spoofing to intercept DNS queries and injects a spoofed response with a malicious payload.
This repository contains Docker build files and configuration for a custom nginx image but lacks any exploit code or technical details related to CVE-2021-23017. It appears to be a placeholder or build environment rather than a functional PoC.
This repository provides a shell script to scan GitLab Omnibus installations for the presence of the vulnerable 'resolver' directive in NGINX configurations, which is indicative of CVE-2021-23017. It checks both configuration files and the running NGINX process for the directive.
This Python script checks for CVE-2021-23017 by sending an HTTP request with an overly long Host header to trigger a potential DNS buffer overflow in NGINX's resolver. It does not execute malicious code but scans for vulnerability indicators.
This repository contains a detailed vulnerability management report focusing on CVE-2021-23017, a buffer overflow in Nginx 1.15.5. It includes technical analysis, patch recommendations, and remediation steps, but does not provide functional exploit code.
This PoC exploits CVE-2021-23017, a heap corruption vulnerability in Nginx 1.14, by crafting a malicious DNS response. The script listens on UDP port 1053 and responds with a specially crafted CNAME response to trigger the vulnerability.
This PoC exploits CVE-2021-23017, a DNS cache poisoning vulnerability in NXNSAttack, by crafting malicious DNS responses to poison the cache of a target DNS server. It uses ARP spoofing to intercept DNS queries and injects a malicious payload into the DNS response.
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L