Family: Denial of Service --> Category: infos
BIND 9 Denial of Service Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary : Checks version of BIND
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote name server may be affected by multiple denial of service
vulnerabilities.
Description :
The version of BIND installed on the remote host suggests that it
suffers from multiple denial of service vulnerabilities, which may be
triggered either by sending a large volume of recursive queries or by
queries for SIG records where there are multiple SIG(covered) RRsets.
Note that Nessus obtained the version by sending a special DNS request
for the text 'version.bind' in the domain 'chaos', the value of which
can be and sometimes is tweaked by DNS administrators.
See also :
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Solution :
Upgrade to BIND 9.4.0b2 / 9.3.3rc2 / 9.3.2-P1 / 9.2.7rc2 / 9.2.6-P1 or
later.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:P/B:N)