Vulnerabilities > CVE-2004-0789 - Denial Of Service vulnerability in Multiple Vendor DNS Response Flooding
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
Vulnerable Configurations
Nessus
NASL family | DNS |
NASL id | DNS_RESPONSE_FLOOD.NASL |
description | The remote DNS server is vulnerable to a denial of service attack because it replies to DNS responses. An attacker could exploit this vulnerability by spoofing a DNS packet so that it appears to come from 127.0.0.1 and make the remote DNS server enter into an infinite loop, therefore denying service to legitimate users. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15753 |
published | 2004-11-18 |
reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15753 |
title | Multiple Vendor DNS Response Flooding Denial Of Service |
code |
|
References
- http://secunia.com/advisories/13145
- http://securitytracker.com/id?1012157
- http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en
- http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf
- http://www.posadis.org/advisories/pos_adv_006.txt
- http://www.securityfocus.com/bid/11642
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17997