This script is Copyright (C) 2004-2009 Tenable Network Security
Family
DNS
Plugin ID
12217
Bugtraq ID
CVE ID
Description:
Synopsis :
The remote DNS server is vulnerable to cache snooping attacks.
Description :
The remote DNS server responds to queries for third-party domains
which do not have the recursion bit set.
This may allow a remote attacker to determine which domains have
recently been resolved via this name server, and therefore which hosts
have been recently visited.
For instance, if an attacker was interested in whether your company
utilizes the online services of a particular financial institution,
they would be able to use this attack to build a statistical model
regarding company usage of that financial institution. Of course, the
attack can also be used to find B2B partners, web-surfing patterns,
external mail servers, and more...
See also :
For a much more detailed discussion of the potential risks of allowing
DNS cache information to be queried anonymously, please see:
