Closed Bug 1608349 Opened 5 years ago Closed 5 years ago

DNS misconfiguration (almost subdomain takeover) for hindsight.prod.dataops.mozgcp.net

Categories

(Cloud Services :: Operations: Miscellaneous, task)

Product:
Cloud Services
Component:
Operations: Miscellaneous
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: hanno, Unassigned)

Details

The hostname
hindsight.prod.dataops.mozgcp.net
gives a DNS SERVFAIL answer right now, because it is delegated to Google Cloud, but is not registered there.

Usually this would lead to a possibility of a subdomain takeover (see e.g. #1540847 for a similar bug) and would be a security issue. However it seems that Google has implemented some protection if a domain is already claimed by another account (through webmaster tools apparently) one cannot add a subdomain to another account without validating domain ownership. Thus in this case a subdomain takeover is not possible.

Still this is an obvious misconfiguration, the NS delegation should be removed if the host is no longer in use.

Addition: Same issue affects:
hindsight.nonprod.dataops.mozgcp.net

(nonprod instead of prod)

The NS delegations have been removed.

$ host -t txt  hindsight.prod.dataops.mozgcp.net
Host hindsight.prod.dataops.mozgcp.net not found: 3(NXDOMAIN)
$ host -t txt  hindsight.nonprod.dataops.mozgcp.net
Host hindsight.nonprod.dataops.mozgcp.net not found: 3(NXDOMAIN)
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.