Family: General --> Category: infos
DNS Cache Snooping Vulnerability Scan
Vulnerability Scan Summary
DNS Cache Snooping
Detailed Explanation for this Vulnerability Test
Remote DNS server is vulnerable to Cache Snooping attacks.
The remote DNS server answers to queries for third party domains which do
not have the recursion bit set.
This may allow a remote attacker to acertain which domains have recently
been resolved via this name server, and therefore which hosts have been
For instance, if a possible hacker was interested in whether your company utilizes
the online services of a particular financial institution, they would
be able to use this attack to build a statistical model regarding
company usage of aforementioned financial institution. Of course,
the attack can also be used to find B2B partners, web-surfing patterns,
external mail servers, and more...
For a much more detailed discussion of the potential risks of allowing
DNS cache information to be queried anonymously, please see:
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.