NASLDB: DNSSEC NSEC Records
General
ID: 59959
Name: DNSSEC NSEC Records
Summary: Queries for nonexistent domains.
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Temporal Vector: –
Port: 53
Family: DNS
Type: Remote
Description
The remote DNSSEC server uses NSEC records for negative answers to
queries for its zone(s). NSEC records link to additional existing
domains. These existing domains can be used to craft further queries
that will lead to further NSEC records and thus further domains. This
process can be repeated until all domains in the zone(s) are
disclosed.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: –
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2012/07/12
Plugin
Version: 1.2
Filename: dnssec_nsec.nasl
Filesize: 3910 bytes
MD5 Hash: 4ed7c911f70b466c857842428225b16a
Identification: –
Require Keys: DNSSEC/udp/53", "DNSSEC/zone
Dependencies: "dnssec_resolver.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack