Detections
Analytics

Knot DNS < 1.6.3 Multiple Vulnerabilities

high Nessus Plugin ID 87598

Language:

Synopsis

The remote DNS server is affected by multiple vulnerabilities.

Description

The remote host is running a version of Knot DNS prior to 1.6.3. It is, therefore, affected by multiple vulnerabilities :

 - An out-of-bounds read error exists in the knot_rrset_rr_to_canonical() function. An unauthenticated, remote attacker can exploit this, via a specially crafted packet, to disclose sensitive information or cause a denial of service.

 - An out-of-bounds read error exists in the zone parser due to improper handling of origin domain names. An unauthenticated, remote attacker can exploit this, via a specially crafted zone, to disclose sensitive information or cause a denial of service.

 - An out-of-bounds read error exists in the rdata_seek() function. An unauthenticated, remote attacker can exploit this, via a specially crafted packet, to disclose sensitive information or cause a denial of service.

Solution

Upgrade to Knot DNS version 1.6.3 or later.

See Also

https://gitlab.labs.nic.cz/users/sign_in

Plugin Details

Severity: High

ID: 87598

File Name: knot_dns_1_6_3.nasl

Version: 1.5

Type: remote

Family: DNS

Published: 12/22/2015

Updated: 1/2/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C

Vulnerability Information

CPE: x-cpe:/a:cz.nic:knot_dns

Required KB Items: Settings/ParanoidReport, knot_dns/proto

Patch Publication Date: 4/8/2015

Vulnerability Publication Date: 4/8/2015