ISC BIND 9 Query.c Logging Resolver Denial of Service

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote name server may be affected by a denial of service
vulnerability.

Description :

According to its self-reported version number, the remote
installation of BIND is potentially affected by a denial of service
vulnerability. An unidentified network event causes BIND9 resolvers
to cache an invalid record, subsequent queries for which could crash
the resolvers with an assertion failure.

Note that Nessus has only relied on the version itself and has not
attempted to determine whether or not the install is actually
affected.

See also :

ftp://ftp.isc.org/isc/bind/9.4-ESV-R5-P1/CHANGES
ftp://ftp.isc.orc/isc/bind/9.6-ESV-R5-P1/CHANGES
ftp://ftp.isc.org/isc/bind/9.7.4-P1/CHANGES
ftp://ftp.isc.org/isc/bind/9.8.1-P1/CHANGES
https://www.isc.org/software/bind/advisories/cve-2011-4313

Solution :

Upgrade to BIND 9.4-ESV-R5-P1 / 9.6-ESV-R5-P1 / 9.7.4-P1 / 9.8.1-P1
or later.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: DNS

Nessus Plugin ID: 56862 ()

Bugtraq ID: 50690

CVE ID: CVE-2011-4313