ISC BIND 9 Query.c Logging Resolver Denial of Service

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.

Synopsis :

The remote name server may be affected by a denial of service

Description :

According to its self-reported version number, the remote
installation of BIND is potentially affected by a denial of service
vulnerability. An unidentified network event causes BIND9 resolvers
to cache an invalid record, subsequent queries for which could crash
the resolvers with an assertion failure.

Note that Nessus has only relied on the version itself and has not
attempted to determine whether or not the install is actually

See also :

Solution :

Upgrade to BIND 9.4-ESV-R5-P1 / 9.6-ESV-R5-P1 / 9.7.4-P1 / 9.8.1-P1
or later.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true

Family: DNS

Nessus Plugin ID: 56862 ()

Bugtraq ID: 50690

CVE ID: CVE-2011-4313

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now