The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Protocol DNS

mDNS: information disclosure and DDos
An attacker can query the mDNS service, in order to obtain sensitive information about the network, or to amplify a denial of service attack...
CVE-2015-2809, VIGILANCE-VUL-16510, VU#550620
DNS, Windows 2008 DNS: distributed denial of service via Root Hints
An attacker can use the DNS Service of Windows 2008 (or any other service returning Root Hints), in order to trigger a distributed denial of service...
DNS, ISC BIND: no expiry of revoked names
When a domain name was revoked, an attacker can periodically query a recursive DNS server, in order to continuously renew data in the cache, which never expire...
BID-51898, BID-52558, c03577598, CERTA-2012-AVI-663, CVE-2012-1033, CVE-2012-1191, CVE-2012-1192, CVE-2012-1193, CVE-2012-1194, CVE-2012-1570, ESX410-201211001, ESX410-201211401-SG, ESX410-201211402-SG, ESX410-201211405-SG, ESX410-201211407-SG, FEDORA-2013-1176, FEDORA-2013-1204, FEDORA-2013-1301, FEDORA-2013-6279, FEDORA-2013-6316, openSUSE-SU-2012:0863-1, openSUSE-SU-2012:0864-1, RHSA-2012:0716-01, RHSA-2012:0717-01, SOL15481, SSA:2012-166-01, VIGILANCE-VUL-11344, VMSA-2012-0016, VU#542123
Windows, Java: poisoning the DNS cache
An attacker can open numerous UDP ports, in order to facilitate a DNS cache poisoning attack...
BID-50281, c03266681, CVE-2010-4448, CVE-2011-3552, HPSBUX02760, javacpuoct2011, RHSA-2012:0006-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100805, VIGILANCE-VUL-11087
DNS: cache poisoning
An attacker can predict DNS queries in order to poison the DNS client or cache (caching resolver)...
107064, 239392, 240048, 6702096, 7000912, 953230, BID-30131, c01506861, c01660723, CAU-EX-2008-0002, CAU-EX-2008-0003, CERTA-2002-AVI-189, CERTA-2002-AVI-200, cisco-sa-20080708-dns, CR102424, CR99135, CSCso81854, CVE-2008-1447, draft-ietf-dnsext-forgery-resilience-05, DSA-1544-2, DSA-1603-1, DSA-1604-1, DSA-1605-1, DSA-1617-1, DSA-1619-1, DSA-1619-2, DSA-1623-1, FEDORA-2008-6256, FEDORA-2008-6281, FEDORA-2009-1069, FreeBSD-SA-08:06.bind, HPSBMP02404, HPSBTU02358, HPSBUX02351, MDVSA-2008:139, MS08-037, NetBSD-SA2008-009, powerdns-advisory-2008-01, PSN-2008-06-040, RHSA-2008:0533-01, RHSA-2008:0789-01, SOL8938, SSA:2008-191-02, SSA:2008-205-01, SSRT080058, SSRT090014, SUSE-SA:2008:033, TA08-190B, TLSA-2008-26, VIGILANCE-VUL-7937, VMSA-2008-0014, VMSA-2008-0014.1, VMSA-2008-0014.2, VU#800113
DNS: denial of service via UDP echo services
An attacker can generate a message loop between a DNS server and UDP services such as echo...
DNS: vulnerabilities of some implementations
Several implementations of DNS protocol are affected by the same vulnerabilities...
144154, 144154/NISCC/DNS, 31AK-2006-02-FR-1.0_FAST_DNS_DOS, BID-17691, BID-17692, BID-17693, BID-17694, CQ 72492, CVE-2006-2072, CVE-2006-2073, CVE-2006-2074, CVE-2006-2075, CVE-2006-7054, PSN-2006-04-017, VIGILANCE-VUL-5796, VU#955777
DNS: denial of service using recursive servers
An attacker can poison the cache of a recursive DNS server, then use it to overload a network...
CVE-2006-0987, CVE-2006-0988, VIGILANCE-VUL-5656
DNS : déni de service lors de la décompression de messages
Certaines implémentations du protocole DNS ne gèrent pas correctement les messages compressés...
BID-13729, CERTA-2005-AVI-175, CERTA-2005-AVI-181, CISCO20050524a, Cisco CSCeh59380, Cisco CSCeh63819, Cisco CSCsa67666, Cisco CSCsa67687, CSCsa67687, CVE-2005-0036, CVE-2005-0037, CVE-2005-0038, V6-DNSDECOMPLOOPDOS, VIGILANCE-VUL-4978
DNS spoofing en envoyant des réponses DNS
Un attaquant distant peut envoyer des réponses DNS illicites qui seront acceptées par certaines implémentations, notamment par Windows XP et 2000...
Our database contains other pages. You can request a free trial to read them.

Display information about Protocol DNS: