SheerDNS < 1.0.1 Multiple Vulnerabilities

medium Nessus Plugin ID 11535

Language:

Synopsis

The remote server is vulnerable to several flaws.

Description

The remote server seems to be running SheerDNS 1.0.0 or older.

This version is vulnerable to several flaws allowing :
- A remote attacker to read certain files with predefined names (A, PTR, CNAME, ...)

- A local attacker to read the first line of arbitrary files with the privileges of the DNS server (typically root)

- A local attacker to execute arbitrary code through a buffer overflow

Solution

Upgrade to SheerDNS 1.0.1 or disable this service

Plugin Details

Severity: Medium

ID: 11535

File Name: sheerdns_traversal.nasl

Version: 1.19

Type: remote

Family: DNS

Published: 4/14/2003

Updated: 8/8/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: DNS/udp/53

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/13/2003

Reference Information

BID: 7335, 7336