This module exploits a nameserver vulnerability that occurs when processing a maliciously crafted T_NXT resource record received in a DNS reply message. After successful exploitation, an agent will be deployed. This agent will inherit the user identity and capabilities of the abused service, usually those of the user used to run the bind daemon. However, the uid (as opposite to the euid) of the agent will be that of the super user in most cases (usually '0'). Note that the deployed might be running in a chroot jail. This situation doesn't prevent the agent to be used, and after setting the user id to that of the super user, the chroot breaker module (see "chroot breaker" module documentation) can be used to escape the chroot jail.
CVE Link
Product Name