ID de Prueba:	1.3.6.1.4.1.25623.1.0.10539
Categoría:	General
Título:	Useable remote name server
Resumen:	NOSUMMARY
Descripción:	Description: The remote name server allows recursive queries to be performed by the host running nessusd. If this is your internal nameserver, then forget this warning. If you are probing a remote nameserver, then it allows anyone to use it to resolve third parties names (such as www.nessus.org). This allows hackers to do cache poisoning attacks against this nameserver. If the host allows these recursive queries via UDP, then the host can be used to 'bounce' Denial of Service attacks against another network or system. See also : http://www.cert.org/advisories/CA-1997-22.html Solution : Restrict recursive queries to the hosts that should use this nameserver (such as those of the LAN connected to it). If you are using bind 8, you can do this by using the instruction 'allow-recursion' in the 'options' section of your named.conf If you are using bind 9, you can define a grouping of internal addresses using the 'acl' command Then, within the options block, you can explicitly state: 'allow-recursion { hosts_defined_in_acl }' For more info on Bind 9 administration (to include recursion), see: http://www.nominum.com/content/documents/bind9arm.pdf If you are using another name server, consult its documentation. Risk factor : High
Referencia Cruzada:	BugTraq ID: 136 BugTraq ID: 678 Common Vulnerability Exposure (CVE) ID: CVE-1999-0024 Cert/CC Advisory: CA-97.22.bind https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0024 NAI Labs Security Advisory: NAI-11 XForce ISS Database: bind
Copyright	This script is Copyright (C) 2000 Renaud Deraison

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.