Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Misc. --> Category: infos

SheerDNS directory traversal Vulnerability Scan

Vulnerability Scan Summary
Acertains if the remote DNS server handles malformed names

Detailed Explanation for this Vulnerability Test

The remote server seems to be running SheerDNS 1.0.0 or older.

This version is vulnerable to several flaws allowing :
- A remote attacker to read certain files with predefined names
(A, PTR, CNAME, ...)

- A local attacker to read the first line of arbitrary files with the
rights of the DNS server (typically root)

- A local attacker to execute arbitrary code through a buffer overflow

Solution : Upgrade to SheerDNS 1.0.1 or disable this service
Threat Level: Low (remotely) / High (locally)

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.