Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2015-5477

Description

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

POC

Reference

- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718

- http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html

- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

- https://kb.isc.org/article/AA-01272

- https://kb.isc.org/article/AA-01306

- https://kc.mcafee.com/corporate/index?page=content&id=SB10126

- https://www.exploit-db.com/exploits/37721/

- https://www.exploit-db.com/exploits/37723/

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/CodingChatRoom/Advance-Reconnaissance-

- https://github.com/GhostTroops/TOP

- https://github.com/IMCG/awesome-c

- https://github.com/JERRY123S/all-poc

- https://github.com/JiounDai/ShareDoc

- https://github.com/Maribel0370/Nebula-io

- https://github.com/NCSU-DANCE-Research-Group/CDL

- https://github.com/Riverhac/ShareDoc

- https://github.com/ambynotcoder/C-libraries

- https://github.com/cyberanand1337x/bug-bounty-2022

- https://github.com/elceef/tkeypoc

- https://github.com/hktalent/TOP

- https://github.com/hmlio/vaas-cve-2015-5477

- https://github.com/holmes-py/reports-summary

- https://github.com/ilanyu/cve-2015-5477

- https://github.com/jbmihoub/all-poc

- https://github.com/knqyf263/cve-2015-5477

- https://github.com/lekctut/sdb-hw-13-01

- https://github.com/likekabin/ShareDoc_cve-2015-5477

- https://github.com/likescam/ShareDoc_cve-2015-5477

- https://github.com/lushtree-cn-honeyzhao/awesome-c

- https://github.com/mrash/afl-cve

- https://github.com/pankajkryadav/Hacktivity

- https://github.com/pedr0alencar/vlab-metasploitable2

- https://github.com/robertdavidgraham/cve-2015-5477

- https://github.com/thenothing0/tkeypoc

- https://github.com/weeka10/-hktalent-TOP

- https://github.com/xycloops123/TKEY-remote-DoS-vulnerability-exploit