Family: General --> Category: infos
BIND vulnerable to DNS storm Vulnerability Scan
Vulnerability Scan Summary
Checks the remote BIND version
Detailed Explanation for this Vulnerability Test
This is associated with three different vulnerabilities.
1) The remote BIND server, based on its version number, if running
recursive DNS functionality, is vulnerable to a buffer overflow.
2) The remote BIND server is vulnerable to a denial of service (crash)
via SIG RR elements with invalid expiry times.
3) The remote BIND server is vulnerable to a denial of service.
When a DNS lookup is requested on a non-existent sub-domain of
a valid domain and an OPT resource record with a large UDP
payload is attached, the server may fail.
Solution : upgrade to at least bind 8.3.4
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.