Detections
Analytics
ISC BIND 9 DNSSEC Query Response Remote Cache Poisoning
medium Nessus Network Monitor Plugin ID 5243
Synopsis
The remote DNS Server is vulnerable to a remote cache-poisoning attack.Description
The remote DNS Server is running BIND 9 earlier than 9.4.3-P4, 9.5.2-P1, or 9.6.1-P2. Such versions may incorrectly ad records to its cache from the additional section of responses received during resolution of a recursive client query. This behavior only occurs when processing client queries with checking disabled (CD) at the same time as requesting DNSSEC records (DO).Solution
Upgrade to BIND 9.4.3-P4 / 9.5.2-P1 / 9.6.1-P2 or later.See Also
Plugin Details
Severity: Medium
ID: 5243
Family: DNS Servers
Published: 11/25/2009
Updated: 3/6/2019
Nessus ID: 42983
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 4.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:isc:bind
Patch Publication Date: 11/24/2009
Vulnerability Publication Date: 11/24/2009
Reference Information
CVE: CVE-2009-4022
BID: 37118