DNS Server Zone Transfer Information Disclosure (AXFR)

medium Nessus Plugin ID 10595

Synopsis

The remote name server allows zone transfers

Description

The remote name server allows DNS zone transfers to be performed.

A zone transfer lets a remote attacker instantly populate a list of potential targets. In addition, companies often use a naming convention that can give hints as to a servers primary application (for instance, proxy.example.com, payroll.example.com, b2b.example.com, etc.).

As such, this information is of great use to an attacker, who may use it to gain information about the topology of the network and spot new targets.

Solution

Limit DNS zone transfers to only the servers that need the information.

See Also

https://en.wikipedia.org/wiki/AXFR

Plugin Details

Severity: Medium

ID: 10595

File Name: dns_xfer.nasl

Version: 1.37

Type: remote

Family: DNS

Published: 1/16/2001

Updated: 9/17/2018

Risk Information

CVSS Score Rationale: Tenable gives a confidentiality impact of partial since the issue could reveal useful info to an attacker.

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.2

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: E:U/RL:ND/RC:C

CVSS Score Source: CVE-1999-0532

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/1/1990

Reference Information

CVE: CVE-1999-0532