About this tag
Zone transfer, specifically DNS zone transfer using the AXFR protocol, is a method for replicating DNS data across multiple servers. However, misconfigured DNS servers that respond to global AXFR requests can leak sensitive domain information. A remote unauthenticated user may request a zone transfer from a public-facing DNS server, and if improperly configured, the server may reveal internal network structure and potentially sensitive data. This security issue affects misconfigured Domain Name System (DNS) servers and can expose domain information to unauthorized parties. Proper configuration is essential to prevent unauthorized zone transfers and protect network privacy.
-
TA15-103A: DNS Zone Transfer AXFR Requests May Leak Domain Information
Original release date: April 13, 2015 Systems Affected Misconfigured Domain Name System (DNS) servers that respond to global Asynchronous Transfer Full Range (AXFR) requests. Overview A remote unauthenticated user may request a DNS zone transfer from a public-facing DNS server. If...- News
- Thread
- axfr bindings configuration dns domain exploitation guidelines impact internet misconfiguration network protection remote access risk scan scripting security unauthenticated access vulnerability zone transfer
- Replies: 0
- Forum: Security Alerts