CVE-2016-6173 - Resource Management Errors vulnerability in Nlnetlabs NSD
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
Summary
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
Nessus
- NASL family: Fedora Local Security Checks
  NASL id: FEDORA_2016-9960D370F7.NASL
  description: Updated to 4.1.13 (CVE-2016-6173, OPENPGPKEY support) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  last seen: 2020-06-05
  modified: 2016-11-15
  plugin id: 94838
  published: 2016-11-15
  reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/94838
  title: Fedora 25 : nsd (2016-9960d370f7)
- NASL family: FreeBSD Local Security Checks
  NASL id: FREEBSD_PKG_7D08E6085E9511E6B334002590263BF5.NASL
  description: ISC reports : DNS protocols were designed with the assumption that a certain amount of trust could be presumed between the operators of primary and secondary servers for a given zone. However, in current practice some organizations have scenarios which require them to accept zone data from sources that are not fully trusted (for example: providers of secondary name service). A party who is allowed to feed data into a zone (e.g. by AXFR, IXFR, or Dynamic DNS updates) can overwhelm the server which is accepting data by intentionally or accidentally exhausting that server
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 92832
  published: 2016-08-10
  reporter: This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/92832
  title: FreeBSD : BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers (7d08e608-5e95-11e6-b334-002590263bf5)
- NASL family: Fedora Local Security Checks
  NASL id: FEDORA_2016-E1D4972701.NASL
  description: Updated to 4.1.13 (CVE-2016-6173, OPENPGPKEY support) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  last seen: 2020-06-05
  modified: 2016-10-12
  plugin id: 93982
  published: 2016-10-12
  reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/93982
  title: Fedora 24 : nsd (2016-e1d4972701)
References
- https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=790
- https://open.nlnetlabs.nl/pipermail/nsd-users/2016-August/002342.html
- https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html
- https://github.com/sischkg/xfer-limit/blob/master/README.md
- http://www.openwall.com/lists/oss-security/2016/07/06/4
- http://www.openwall.com/lists/oss-security/2016/07/06/3
- http://www.nlnetlabs.nl/svn/nsd/tags/NSD_4_1_11_REL/doc/RELNOTES
- http://www.securityfocus.com/bid/91678