Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.10595
Category:Service detection
Title:DNS AXFR
Summary:The remote name server allows DNS zone transfers to be performed.
Description:Summary:
The remote name server allows DNS zone transfers to be performed.

Vulnerability Impact:
A zone transfer will allow the remote attacker to instantly
populate a list of potential targets. In addition, companies often use a naming convention
which can give hints as to a servers primary application (for instance, proxy.company.com,
payroll.company.com, b2b.company.com, etc.).

As such, this information is of great use to an attacker who may use it to gain information
about the topology of your network and spot new targets.

Solution:
Restrict DNS zone transfers to only the servers that
absolutely need it.

CVSS Score:
0.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-1999-0532
CopyrightCopyright (C) 2005 j_lampe@bellsouth.net

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.