ALT-PU-2018-1475-1
Closed vulnerabilities
Published: 2017-02-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-6173
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- http://www.nlnetlabs.nl/svn/nsd/tags/NSD_4_1_11_REL/doc/RELNOTES
- http://www.nlnetlabs.nl/svn/nsd/tags/NSD_4_1_11_REL/doc/RELNOTES
- [oss-security] 20160706 Malicious primary DNS servers can crash secondaries
- [oss-security] 20160706 Malicious primary DNS servers can crash secondaries
- [oss-security] 20160706 Re: Malicious primary DNS servers can crash secondaries
- [oss-security] 20160706 Re: Malicious primary DNS servers can crash secondaries
- 91678
- 91678
- https://github.com/sischkg/xfer-limit/blob/master/README.md
- https://github.com/sischkg/xfer-limit/blob/master/README.md
- [dns-operations] 20160704 DNS activities in Japan
- [dns-operations] 20160704 DNS activities in Japan
- [nsd-users] 20160809 NSD 4.1.11
- [nsd-users] 20160809 NSD 4.1.11
- https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=790
- https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=790