Test Kennung:	1.3.6.1.4.1.25623.1.0.106119
Kategorie:	Denial of Service
Titel:	Knot DNS Server AXFR Response Denial of Service Vulnerability
Zusammenfassung:	Knot DNS Server is prone to a denial of service vulnerability.
Beschreibung:	Summary: Knot DNS Server is prone to a denial of service vulnerability. Vulnerability Insight: Primary DNS servers may cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message Vulnerability Impact: An authenticated remote attacker may cause a denial of service condition. Affected Software/OS: Version prior to 2.3.0 Solution: Update to Knot Dns 2.3.0. for updates. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6171 91678 http://www.securityfocus.com/bid/91678 [dns-operations] 20160704 DNS activities in Japan https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html [oss-security] 20160706 Malicious primary DNS servers can crash secondaries http://www.openwall.com/lists/oss-security/2016/07/06/3 [oss-security] 20160706 Re: Malicious primary DNS servers can crash secondaries http://www.openwall.com/lists/oss-security/2016/07/06/4 https://github.com/sischkg/xfer-limit/blob/master/README.md https://gitlab.labs.nic.cz/labs/knot/blob/c546a70563ef4c7badb7cb5bdf6d1ba8e7adae82/NEWS https://gitlab.labs.nic.cz/labs/knot/issues/464
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.