CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
87.9%
XACK DNS is DNS server software provided by XACK, Inc. XACK DNS contains a denial-of-service (DoS) vulnerability due to an issue commonly referred to as NXNSAttack.
A remote attacker may be able to cause denial-of-service (DoS) conditions listed below.
Update the software
Apply the appropriate update according to the information provided by the developer.
If you use the version 1.6.x and earlier, update the software to the latest version.
Applying this update adds a new configuration item, cache_ns_name_limit, that limits the number of queries to authoritative DNS servers for processing delegation information during full resolver name resolution.
Apply a workaround
If the latest version of software cannot be obtained or software update cannot be applied, applying the workaround listed below may mitigate the impacts of this vulnerability.
Any of the following XACK DNS versions that use the cache server feature (full resolver configuration is set) are affected:
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
87.9%