CVE-2020-12667

Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://cyber-security-group.cs.tau.ac.il/#	Technical Description Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/05/19/2	Mailing List Third Party Advisory
https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/	Technical Description Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ/
https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html	Release Notes Vendor Advisory
http://cyber-security-group.cs.tau.ac.il/#	Technical Description Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/05/19/2	Mailing List Third Party Advisory
https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/	Technical Description Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ/
https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:nic:knot_resolver:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-05-19 13:15

Updated : 2024-11-21 05:00

NVD link : CVE-2020-12667

Mitre link : CVE-2020-12667

CVE.ORG link : CVE-2020-12667

JSON object : View

Products Affected

nic

knot_resolver

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2020-12667", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-05-19T13:15:11.763", "references": [{"url": "http://cyber-security-group.cs.tau.ac.il/#", "tags": ["Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2020/05/19/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/", "tags": ["Technical Description", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00017.html", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ/", "source": "cve@mitre.org"}, {"url": "https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://cyber-security-group.cs.tau.ac.il/#", "tags": ["Technical Description", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2020/05/19/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/", "tags": ["Technical Description", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00017.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an \"NXNSAttack\" issue. This is triggered by random subdomains in the NSDNAME in NS records."}, {"lang": "es", "value": "Knot Resolver versiones anteriores a 5.1.1, permite la amplificaci\u00f3n del tr\u00e1fico mediante una respuesta DNS dise\u00f1ada desde un servidor controlado por el atacante, tambi\u00e9n se conoce como un problema de \"NXNSAttack\". Esto es activado por subdominios aleatorios en los registros NS en NSDNAME."}], "lastModified": "2024-11-21T05:00:01.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nic:knot_resolver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFA28A54-33C9-49D7-9B04-28088B14DCE2", "versionEndExcluding": "5.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}