Vulnerabilities > CVE-2016-6173 - Resource Management Errors vulnerability in Nlnetlabs NSD

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
nlnetlabs
CWE-399
nessus

Summary

NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-9960D370F7.NASL
    descriptionUpdated to 4.1.13 (CVE-2016-6173, OPENPGPKEY support) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94838
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94838
    titleFedora 25 : nsd (2016-9960d370f7)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_7D08E6085E9511E6B334002590263BF5.NASL
    descriptionISC reports : DNS protocols were designed with the assumption that a certain amount of trust could be presumed between the operators of primary and secondary servers for a given zone. However, in current practice some organizations have scenarios which require them to accept zone data from sources that are not fully trusted (for example: providers of secondary name service). A party who is allowed to feed data into a zone (e.g. by AXFR, IXFR, or Dynamic DNS updates) can overwhelm the server which is accepting data by intentionally or accidentally exhausting that server
    last seen2020-06-01
    modified2020-06-02
    plugin id92832
    published2016-08-10
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92832
    titleFreeBSD : BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers (7d08e608-5e95-11e6-b334-002590263bf5)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-E1D4972701.NASL
    descriptionUpdated to 4.1.13 (CVE-2016-6173, OPENPGPKEY support) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-12
    plugin id93982
    published2016-10-12
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93982
    titleFedora 24 : nsd (2016-e1d4972701)