|
Family: General --> Category: infos
The remote BIND has dynamic updates enabled Vulnerability Scan
Vulnerability Scan Summary Acertains if the UPDATE operation is implemented on the remote host
Detailed Explanation for this Vulnerability Test
The remote nameserver has dynamic updates enabled.
The dynamic updates let the bind administrator update the name
service information dynamically.
However, it is possible to trick bind to change the resource
record for the zone is it serves. A possible hacker may use this
flaw to hijack the traffic going the your servers and redirect
it to somewhere else.
Solution : If you use bind, add the option
allow-update {none
}
in your named.conf to disable this feature entirely.
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|