English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.146591
Category:General
Title:DNS Cache Snooping Vulnerability (UDP) - Active Check
Summary:The DNS server is prone to a cache snooping vulnerability.
Description:Summary:
The DNS server is prone to a cache snooping vulnerability.

Vulnerability Insight:
DNS cache snooping is when someone queries a DNS server in
order to find out (snoop) if the DNS server has a specific DNS record cached, and thereby
deduce if the DNS server's owner (or its users) have recently visited a specific site.

This may reveal information about the DNS server's owner, such as what vendor, bank, service
provider, etc. they use. Especially if this is confirmed (snooped) multiple times over a period.

This method could even be used to gather statistical information - for example at what time does
the DNS server's owner typically access his net bank etc. The cached DNS record's remaining TTL
value can provide very accurate data for this.

DNS cache snooping is possible even if the DNS server is not configured to resolve recursively
for 3rd parties, as long as it provides records from the cache also to 3rd parties (a.k.a.
'lame requests').

Vulnerability Impact:
Attackers might gain information about cached DNS records
which might lead to further attacks.

Note: This finding might be an acceptable risk if you:

- trust all clients which can reach the server

- do not allow recursive queries from outside your trusted client network.

Solution:
There are multiple possible mitigation steps depending on
location and functionality needed by the DNS server:

- Disable recursion

- Don't allow public access to DNS Servers doing recursion

- Leave recursion enabled if the DNS Server stays on a corporate network that cannot be reached
by untrusted clients

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.