PROTOCOL-DNS -- Snort alerted on a Domain Name Server (DNS) protocol issue. These packets travel over UDP on port 53 to serve DNS queries--user website requests through a browser. Several vulnerability use-cases exist (ie, additional data could be sent with a request, which would contact a DNS server pre-prepared to send information back and forth).
PROTOCOL-DNS ISC BIND unexpected DNAME CNAME ordering denial of service attempt
This event is generated when an attempt is made to exploit a known vulnerability in 2017-3137.
Ease of Attack:
What To Look For
No public information
No known false positives
This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology.
For more information see http://nvd.nist.gov/
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information