This Metasploit module sends a malformed TKEY query, which exploits an error in handling TKEY queries on affected BIND9 named DNS servers. As a result, a vulnerable named server will exit with a REQUIRE assertion failure. This condition can be exploited in versions of BIND between BIND 9.1.0 through 9.8.x, 9.9.0 through 9.9.7-P1 and 9.10.0 through 9.10.2-P2.
1dd13b33ea021a682e97faa07baead4833823e473a61eb1e0ca390a8734fb5d8HP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
58fee4a06d3f5edda1809be66e0702659884cd9a5e2567b6665e9ab43eea6133Red Hat Security Advisory 2016-0079-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
a35918ab39e99762a3b19dc79daedc98eaadd5ba6e3ea93e97f92ef32c18ecf6Red Hat Security Advisory 2016-0078-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.
0ed3af1b476de859391daa5f87e999a2851fe7c925578620450a6d7ababb9e84Gentoo Linux Security Advisory 201510-1 - A vulnerability in BIND could lead to a Denial of Service condition. Versions less than 9.10.2_p4 are affected.
3e69b06ce087bc759fa9828ea0b0cf459d7968e9aa04df031352b20c2a562035HPE Security Bulletin HPSBUX03511 SSRT102248 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
f0f4a425f26cfc537edf32966bbe5b3a92ba5abc570439e968df19dcaebde252HP Security Bulletin HPSBOV03506 1 - A potential security vulnerability has been identified with TCP/IP Services for OpenVMS running BIND. The vulnerability could be remotely exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.
697a636a6d3aecc307d2f528b38ae8b2c5eb11f5f8497127186beae05657ab43HPE Security Bulletin HPSBUX03410 SSRT102175 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
285ee505b9669d1854cd08aeb5674d644bd0b538eff60181220efd7a9afa9157HPE Security Bulletin HPSBUX03400 SSRT102211 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
928c02d212c071234ac998c1ccd542c75746befe86272f5fc87537250be7fe15Apple Security Advisory 2015-08-13-4 - OS X Server v4.1.5 is now available and addresses a BIND related denial of service vulnerability.
f5e6c2b5a0d5ca19d92a278a308911b7cb4cc61a13ba12f4a9b43825f1a463cfRed Hat Security Advisory 2015-1515-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
92bd0030856a69af4da7d4c2b799173e40b1c3de179c0a3b4bf343d9f48bc64dRed Hat Security Advisory 2015-1514-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
fafac577a237e448434eceb55f708fb50b5c609fb601b4668cdf9613c1951e3eBIND TKEY query remote denial of service proof of concept exploit.
98dd7e68b5ba69b4f6f8287920f52bcee95bbbd291e65f3052e28485d9d3be63Red Hat Security Advisory 2015-1513-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
9696ddffb016995e664c0f085c91763803a03b91c9ed81fad41daf42f574fd3dUbuntu Security Notice 2693-1 - Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. A remote attacker could use this issue with a specially crafted packet to cause Bind to crash, resulting in a denial of service. Pories Ediansyah discovered that Bind incorrectly handled certain configurations involving DNS64. A remote attacker could use this issue with a specially crafted query to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.
411a9a7a936c5f60b5b0c9ee6179ab5f35060ebe8eb34ca0a134a30178867decDebian Linux Security Advisory 3319-1 - Jonathan Foote discovered that the BIND DNS server does not properly handle TKEY queries. A remote attacker can take advantage of this flaw to mount a denial of service via a specially crafted query triggering an assertion failure and causing BIND to exit.
124c5fcbeb1e34ffacc02e1644ac9241c1c0c30394399fdfcaee30e61f38d695Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
47135340b739a1ab5941e190a120381ca58ea3ea6256090a806959d64b20f10eFreeBSD Security Advisory - A remote attacker can trigger a crash of a name server. Both recursive and authoritative servers are affected, and the exposure can not be mitigated by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling, before checks enforcing those boundaries.
846c53d6de99a6145a851883cd99b3ff6c32854a6c9e0c92a215d8bd9d16df91
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed