ID CVE-2006-0987
Summary The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
References
Vulnerable Configurations
  • ISC BIND 9.3.2
    cpe:2.3:a:isc:bind:9.3.2
CVSS
Base: 5.0 (as of 03-03-2006 - 14:02)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
metasploit via4
description This module can be used to discover DNS servers which expose recursive name lookups which can be used in an amplification attack against a third party.
id MSF:AUXILIARY/SCANNER/DNS/DNS_AMP
last seen 2018-09-24
modified 2017-08-27
published 2014-01-29
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/dns/dns_amp.rb
title DNS Amplification Scanner
nessus via4
  • NASL family AIX Local Security Checks
    NASL id AIX_IV62224.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77254
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77254
    title AIX 6.1 TL 7 : bind9 (IV62224)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV61027.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77250
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77250
    title AIX 7.1 TL 3 : bind9 (IV61027)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV61093.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77252
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77252
    title AIX 7.1 TL 1 : bind9 (IV61093)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV61090.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77251
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77251
    title AIX 7.1 TL 2 : bind9 (IV61090)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV62225.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77255
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77255
    title AIX 6.1 TL 9 : bind9 (IV62225)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV62146.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77253
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77253
    title AIX 6.1 TL 8 : bind9 (IV62146)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV62327.NASL
    description The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification via DNS queries with spoofed source IP addresses. Please see following for more information : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 77256
    published 2014-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77256
    title AIX 5.3 TL 12 : bind9 (IV62327)
  • NASL family DNS
    NASL id DNS_AMPLIFICATION.NASL
    description The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root zone ('.') and get an answer that is bigger than the original request. By spoofing the source IP address, a remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party host using the remote DNS server.
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 35450
    published 2009-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35450
    title DNS Server Spoofed Request Amplification DDoS
refmap via4
bugtraq 20060228 recursive DNS servers DDoS as a growing DDoS problem
confirm http://kb.isc.org/article/AA-00269
misc
Last major update 19-08-2013 - 21:46
Published 03-03-2006 - 06:02
Last modified 18-10-2018 - 12:30
Back to Top