AXFR – an information disclosure about zone transfer. Domain Name System described in RFC 1034/1035 includes full zone transfer specification. Typically, this mechanism is used for information replication between servers, but it can also be used to obtain a variety of information for mass mailings distributed DoS attacks and other malicious purposes. The vulnerability is connected with the fact that the majority of DNS servers don’t restrict AXFR requests.

XFR data used for searching mail repeaters, proxy servers, hosts with a particular OS or installed applications. When DNS-server receives AXFR request, it sends all known data for a requested domain. But If the DNS server as a wrong configuration – any user can obtain the access to this data.

Quite often, some websites have a “secret” subdomains (dev.*, test.* and others) for the internal usage. Usually, these domains have an insecure configuration or developed features.