This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.
The remote DNS server is vulnerable to cache snooping attacks.
The remote DNS server responds to queries for third-party domains
that do not have the recursion bit set.
This may allow a remote attacker to determine which domains have
recently been resolved via this name server, and therefore which hosts
have been recently visited.
For instance, if an attacker was interested in whether your company
utilizes the online services of a particular financial institution,
they would be able to use this attack to build a statistical model
regarding company usage of that financial institution. Of course, the
attack can also be used to find B2B partners, web-surfing patterns,
external mail servers, and more.
Note: If this is an internal DNS server not accessible to outside
networks, attacks would be limited to the internal network. This
may include employees, consultants and potentially users on
a guest network or WiFi connection if supported.
See also :
Contact the vendor of the DNS software for a fix.
Risk factor :
Medium / CVSS Base Score : 5.0
Nessus Plugin ID: 12217 (dns_cache_sniffing.nasl)
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.