Reply
Highlighted

vulnerability assessment infoblox

Authority
Posts: 20
1477     0

Hello

 

Does anyone know how to mitigate this vulnerability assesment Infoblox ?

 

1. DNS Server Zone Transfer Information Disclosure ( AXFR )
2. DNS Server Dynamic Update Record Injection
3. DNS Traffic Amplification Vulnerability
4. Information Exposure through Directory Listing

 

 

Thank You,

Re: vulnerability assessment infoblox

Authority
Posts: 22
1478     0

Hello,

 

In order to better understand the issue, can you please also provide us with the CVE numbers so that we can have better understanding and help you accordingly.

 

Regards,

 

Manu M

Re: vulnerability assessment infoblox

Authority
Posts: 20
1478     0
Hi MMathew & All, Sory for late respond we got documentation for detail vulnerability assessment infoblox from customer, right now we found issue only in below : 2. DNS Server Dynamic Update Record Injection CWE 16 Configuration : Weaknesses in this category are typically introduced during the configuration of the software. We already change config in side infoblox : checklist for config prevent dynamic updates to RRsets containing static records & prevent dynamic updates to RRsets containing protected records After Vendor IT Security re-run again for penetration test still NOT OK for the result. could you please advice how to solved this issue for DNS Server Dynamic Update Record Injection ? Thank You,

Re: vulnerability assessment infoblox

dikiery
Techie
Posts: 6
1478     0

@MMathew wrote:

Hello,

 

In order to better understand the issue, can you please also provide us with the CVE numbers so that we can have better understanding and help you accordingly.

 

Regards,

 

Manu M


I beleave the CVE number is  CVE-2007-1644 , do have any sugggest ?


Re: vulnerability assessment infoblox

TTiscareno Community Manager
Community Manager
Posts: 359
1478     0

While this is showing up in your vulnerability assessment, the fact that a server can accept dynamic updates is NOT considered a vulnerability. This is a valid function in DNS, which you can selectively allow or deny (with deny being the default action).

 

To get a better understanding for what your vulnerability scanner is detecting, it would be helpful to get the following information:

 

  1. The IP address that NIOS will see coming from the vulnerability scanner.
  2. A Traffic Capture run on the Infoblox appliance that the vulnerability scanner is scanning, while the vulnerability scanner is running.
  3. After the scan completes, download a Support Bundle from the Infoblox appliance that the scanner was run against, along with one from your Grid Master (if different).
  4. The scan report

 

You would then want to open a case with Infoblox Support and provide this data so that they can help review everything and get a better idea for what the scanner is seeing, and provide you with next steps on any changes that may be required.

 

Regards,

Tony

Showing results for 
Search instead for 
Do you mean 

Recommended for You