|
Family: General --> Category: infos
DNS Cache Snooping Vulnerability Scan
Vulnerability Scan Summary DNS Cache Snooping
Detailed Explanation for this Vulnerability Test
Synopsis :
Remote DNS server is vulnerable to Cache Snooping attacks.
Description :
The remote DNS server answers to queries for third party domains which do
not have the recursion bit set.
This may allow a remote attacker to acertain which domains have recently
been resolved via this name server, and therefore which hosts have been
recently visited.
For instance, if a possible hacker was interested in whether your company utilizes
the online services of a particular financial institution, they would
be able to use this attack to build a statistical model regarding
company usage of aforementioned financial institution. Of course,
the attack can also be used to find B2B partners, web-surfing patterns,
external mail servers, and more...
For a much more detailed discussion of the potential risks of allowing
DNS cache information to be queried anonymously, please see:
http://community.sidestep.pt/~luis/DNS-Cache-Snooping/DNS_Cache_Snooping_1.1.pdf
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|