ID CVE-2006-0988
Summary The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
References
Vulnerable Configurations
  • Microsoft Windows 2000
    cpe:2.3:o:microsoft:windows_2000
  • cpe:2.3:o:microsoft:windows_2003_server:r2
    cpe:2.3:o:microsoft:windows_2003_server:r2
  • Microsoft Windows NT 4.0
    cpe:2.3:o:microsoft:windows_nt:4.0
CVSS
Base: 7.8 (as of 03-03-2006 - 14:32)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
metasploit via4
description This module can be used to discover DNS servers which expose recursive name lookups which can be used in an amplification attack against a third party.
id MSF:AUXILIARY/SCANNER/DNS/DNS_AMP
last seen 2018-09-24
modified 2017-08-27
published 2014-01-29
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/dns/dns_amp.rb
title DNS Amplification Scanner
refmap via4
bugtraq 20060228 recursive DNS servers DDoS as a growing DDoS problem
misc
Last major update 05-09-2008 - 17:00
Published 03-03-2006 - 06:02
Last modified 18-10-2018 - 12:30
Back to Top