ISC BIND < 9.2.1 rdataset Parameter Malformed DNS Packet DoS

high Nessus Plugin ID 11051

Synopsis

The remote name server is vulnerable to a denial of service attack.

Description

The remote BIND server, according to its version number, is vulnerable to a remote denial of service attack.

An attacker may use this flaw to prevent this service from working properly.

Solution

Upgrade to bind 9.2.1 or later.

Plugin Details

Severity: High

ID: 11051

File Name: bind9_dos.nasl

Version: 1.26

Type: remote

Family: DNS

Published: 7/22/2002

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:isc:bind

Required KB Items: bind/version

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 6/5/2002

Reference Information

CVE: CVE-2002-0400

BID: 4936