DNS Server Zone Transfer Vulnerability in Various Solutions
CVE-1999-0532

Currently unrated

Key Information:

Vendor: Various
Status: DNS Server
Vendor: CVE Published:; 1 July 1997

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 83%

What is CVE-1999-0532?

A vulnerability exists in certain DNS server implementations that permits unauthorized zone transfers. This zone transfer can expose sensitive information about the DNS server's domain and resource records to potential attackers. Proper configuration is essential to mitigate the risk of data leakage and unauthorized access.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Bulk_CVE-1999-0532_Scanner
Created by websecnl

dns-zone-transfer-test
Created by Rodney-O-C-Melby

References

https://www.cve.org/CVERecord?id=CVE-1999-0532

x_refsource_MISC

EPSS Score

83% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Feb 11, 2021
👾
Exploit known to exist
Feb 11, 2021
Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Jul 1, 1997