Main Vulnerability Database Exploits ID:10002 - Exploit for Resource exhaustion in ISC BIND - CVE-2006-0987

ID:10002 - Exploit for Resource exhaustion in ISC BIND - CVE-2006-0987

Published: June 17, 2024

Vulnerability identifier: #VU92164

Vulnerability risk: Medium

CVE-ID: CVE-2006-0987

CWE-ID: CWE-400

Exploitation vector: Remote access

Vulnerable software:
ISC BIND

Link to public exploit:

https://www.rapid7.com/db/modules/auxiliary/scanner/dns/dns_amp

Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the default configuration of ISC BIND when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses. A remote attacker can trigger resource exhaustion and cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

ID:10002 - Exploit for Resource exhaustion in ISC BIND - CVE-2006-0987

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human