In this article, we take a closer look at the most common DNS resolver vulnerabilities that can impact your web sites and domains.1.
DNS Resolver Vulnerabilities: HTTP GET Over HTTP Vulnerability (HTTPS Vulnerability)The HTTP GET over HTTP vulnerability is a common vulnerability that could allow an attacker to execute code on a compromised server and gain control of the system.
This vulnerability has existed for a while and is usually fixed by the browser vendor.
However, in recent months, there have been some reports of other sites using the same vulnerability to steal login credentials, which may allow an unauthenticated attacker to gain control.2.
DNS Server Vulnerability: Vulnerability that allows an attacker with administrative privileges to hijack DNS requests.
This is typically an administrative privilege issue and can occur through HTTP proxy or a DNS server.3.
DNS Security Resolver: Vulnerability that allows for a remote attacker to compromise a DNS resolvers configuration.
This can occur via a web application or from the use of a custom crafted configuration.4.
DNS Servers Vulnerability : Vulnerability in DNS server configuration that allows a malicious user to execute arbitrary code on the server.
This usually occurs when the DNS server is configured with a default username and password.5.
DNS Vulnerability Affects Web Sites and Applications: The DNS server can be configured to allow a remote user with administrative privilege to perform requests to it.
This allows an unprivileged user to gain access to the server and execute code.6.
DNS Service Vulnerability In Application: The system could be configured by an attacker as to allow the user with access to a DNS service to perform queries for them.
This could allow the attacker to bypass DNS security measures.7.
DNS Host Resolver – CVE-2016-0125 – The DNS host resolver vulnerability can allow an authenticated attacker to perform a request for a DNS domain.
This has been a common issue for DNS resols for several years and is the most frequent vulnerability in the current stack.8.
DNS Engine Resolver Security Feature Vulnerability – CVE (CVE-2016, CVE-2017) – The host resolers DNS engine vulnerability can cause a remote code execution vulnerability.
It is usually caused by a bad configuration of the DNS resoloing system.9.
DNS-based Domain Name System Vulnerability CVE-2015-2727 – The domain name system (DNS) vulnerability allows an authenticated user to bypass the DNS-specific security measures, potentially allowing a malicious application to take control of a DNS host.10.
DNS Cache Resolver CVE-2018-0518 – The cache resoler vulnerability allows a remote authenticated user with full administrative access to cause a DNS cache leak and execute arbitrary commands.11.
DNS Proxy Vulnerability Resolver vulnerability CVE-2012-8209 – The resolver’s proxy vulnerability allows attackers to cause the resolver to execute malicious code on an unsecured system.12.
DNS Provider Resolver-CVE-2018