module
BIND TKEY Query Denial of Service
| Disclosed | Created |
|---|---|
| 2015-07-28 | 2018-05-30 |
Disclosed
2015-07-28
Created
2018-05-30
Description
This module sends a malformed TKEY query, which exploits an
error in handling TKEY queries on affected BIND9 'named' DNS servers.
As a result, a vulnerable named server will exit with a REQUIRE
assertion failure. This condition can be exploited in versions of BIND
between BIND 9.1.0 through 9.8.x, 9.9.0 through 9.9.7-P1 and 9.10.0
through 9.10.2-P2.
error in handling TKEY queries on affected BIND9 'named' DNS servers.
As a result, a vulnerable named server will exit with a REQUIRE
assertion failure. This condition can be exploited in versions of BIND
between BIND 9.1.0 through 9.8.x, 9.9.0 through 9.9.7-P1 and 9.10.0
through 9.10.2-P2.
Authors
Jonathan Foote
throwawayokejxqbbif
wvu wvu@metasploit.com
throwawayokejxqbbif
wvu wvu@metasploit.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.