Summary
The remote name server allows DNS zone transfers to be performed.
A zone transfer will allow the remote attacker to instantly populate a list of potential targets. In addition, companies often use a naming convention which can give hints as to a servers primary application (for instance, proxy.company.com, payroll.company.com, b2b.company.com, etc.).
As such, this information is of great use to an attacker who may use it to gain information about the topology of your network and spot new targets.
Solution
Restrict DNS zone transfers to only the servers that absolutely need it.
Severity
Classification
-
CVE CVE-1999-0532 -
CVSS Base Score: 0.0
AV:N/AC:L/Au:N/C:N/I:N/A:N
Related Vulnerabilities