Plugins: DNS

PowerDNS Recursor 3.6.0 DoS

Knot DNS < 1.4.5 TSIG Signature Spoofing

Knot DNS Server Version Detection

ISC BIND 9 EDNS Processing DoS

MaraDNS < 1.4.14 / 2.0.x < 2.0.09 Deadwood Out-of-Bounds DoS

MaraDNS < / 1.4.x < 1.4.12 / 2.0.x < 2.0.06 Persistent Ghost Domain Caching

MaraDNS 2.0.x < 2.0.05 Hash Collision Zone File Record Local DoS

MaraDNS < / 1.4.x < 1.4.06 / 2.0.x < 2.0.02 compress_add_dlabel_points Function Buffer Overflow

MaraDNS < / 1.4.x < 1.4.10 Hash Collision Form Parameter Remote DoS

MaraDNS 1.3.03 to / 1.4.x < 1.4.03 NULL Pointer Dereference Local DoS (Linux)

MaraDNS < 1.0.41 / 1.2.x < / 1.3.x < CNAME Record Resource Rotation Remote DoS

MaraDNS / 1.3.05 Wildcard Resource Record Remote DoS

MaraDNS 1.2.x < / 1.3.x < 1.3.05 Invalid DNS Packet Fields Remote DoS

MaraDNS 1.2.x < / 1.3.x < 1.3.03 IPv6 Memory Leak Remote DoS

MaraDNS 0.5.x < 0.5.31 / 0.9.x < 0.9.01 Compression Code Remote DoS

MaraDNS Server Version Detection

MS12-017: Vulnerability in DNS Server Could Allow Denial of Service (2647170) (uncredentialed check)

MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (uncredentialed check)

MS09-008: Vulnerabilities in DNS Server Could Allow Spoofing (961063) (uncredentialed check)

MS08-037: Vulnerabilities in DNS Could Allow Spoofing (951746) (uncredentialed check)

MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check)

Microsoft DNS Server Version Detection

DNS Server Version Detection

ISC BIND 9 NSEC3-Signed Zone Handling DoS

ISC BIND 9 localnets ACL Security Bypass

PowerDNS Recursor 3.3.x / 3.4.x / 3.5 RC1 Domain Name Resolving Vulnerability

ISC BIND 9 RDATA Section Handling DoS

ISC BIND 9 libdns Regular Expression Handling DoS

ISC BIND 9 DNS64 Handling DoS


ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness

ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS

NSD query_add_optional() Function NULL Pointer Dereference Malformed DNS Packet Parsing Remote DoS

ISC BIND 9 Multiple Denial of Service Vulnerabilities


ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure

Unbound < 1.4.14 / 1.4.13p2 DoS Vulnerabilities

ISC BIND 9 Query.c Logging Resolver Denial of Service

ISC BIND 9 Unspecified Packet Processing Remote DoS

ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS

Unbound < 1.4.10 daemon/worker.c DNS Request Error Handling Remote DoS

ISC BIND 9 Large RRSIG RRsets Negative Caching Remote DoS

ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS

ISC BIND 9.7.1-9.7.2-P3 IXFR / DDNS Update Combined with High Query Rate DoS

ISC BIND 9 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3, 9.7.x < 9.7.2-P3 Multiple Vulnerabilities

ISC BIND 9 'RRSIG' Record Type Remote DoS


ISC BIND 9 DNSSEC Cache Poisoning

ISC BIND 9 Dynamic Update Handling Remote DoS (intrusive check)

ISC BIND Dynamic Update Message Handling Remote DoS

NSD packet.c Off-By-One Remote Overflow

ISC BIND 9 EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness

DNS Server Spoofed Request Amplification DDoS

PowerDNS CH HINFO Query Handling DoS

DNS Server DNSSEC Aware Resolver

DNS Server Dynamic Update Record Injection

DNS Server hostname.bind Map Hostname Disclosure

Dns2TCP Service Detection

ISC BIND 9 for Windows UDP Client Handler Remote DoS

PowerDNS Version Detection

PowerDNS Authoritative Server Malformed Query Cache Poisoning Weakness

Multiple Vendor DNS Query ID Field Prediction Cache Poisoning

DNS Sender Policy Framework (SPF) Enabled

ISC BIND < 9.4.1 / 9.5.0a4 query.c query_addsoa Function Recursive Query DoS

ISC BIND 9 Multiple Remote DoS

DNS Server UDP Query Limitation

ISC BIND Crafted ANY Request Response Multiple RRsets DoS

ISC BIND < 9.3.1 Validator Self Checking Remote DoS

ISC BIND < 8.4.6 q_usedns Array Remote Overflow DoS

Multiple Vendor DNS Response Flooding Denial Of Service

ISC BIND < 8.3.7 / 8.4.3 Negative Record Cache Poisoning

SheerDNS < 1.0.1 Multiple Vulnerabilities

ISC BIND < 4.9.5 DNS Resolver Functions Remote Overflow

ISC BIND Dynamic Updates Unauthorized Resource Record Manipulation

ISC BIND < 9.2.2 DNS Resolver Functions Remote Overflow

ISC BIND named SIG Resource Server Response RR Overflow

ISC BIND < 9.2.1 rdataset Parameter Malformed DNS Packet DoS

DNS Server Detection

ISC BIND < 8.3.4 Multiple Remote Vulnerabilities

ISC BIND < 4.9.8 / 8.2.3 Multiple Remote Overflows

ISC BIND < 8.2.2-P7 Compressed ZXFR Name Service Query DoS

ISC BIND < 4.9.7 / 8.1.2 Inverse-Query Remote Overflow

WindowsNT DNS Server Character Saturation DoS

ISC BIND < 4.9.7-REL / 8.2.2-P5 Multiple Remote Vulnerabilities

DNS Server BIND version Directive Remote Version Detection