WindowsNT DNS Server Character Saturation DoS

Medium Nessus Plugin ID 10312

Synopsis

The remote DNS server is vulnerable to denial of service.

Description

We could make the remote DNS server crash by flooding it with characters. It is likely a WindowsNT DNS server.

Crashing the DNS server could allow an attacker to make your network non-functional, or even to use some DNS spoofing techniques to gain privileges on the network.

Solution

Install Service Pack 3 (SP3) for Windows NT.

See Also

http://support.microsoft.com/default.aspx?scid=kb;EN-US;169461

Plugin Details

Severity: Medium

ID: 10312

File Name: winnt_dns_flood.nasl

Version: 1.25

Type: remote

Family: DNS

Published: 1999/06/22

Updated: 2018/08/15

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:microsoft:windows_nt

Vulnerability Publication Date: 1997/06/01

Reference Information

CVE: CVE-1999-0275