ISC BIND 9.x < 9.9.9-P2 / 9.10.x < 9.10.4-P2 / 9.11.0a3 < 9.11.0b2 lwres Query DoS

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote name server is affected by a denial of service
vulnerability.

Description :

According to its self-reported version number, the installation of
ISC BIND running on the remote name server is 9.x prior to 9.9.9-P2,
9.10.x prior to 9.10.4-P2, or 9.11.0a3 prior to 9.11.0b2. It is,
therefore, affected by an error in the lightweight resolver (lwres)
protocol implementation when resolving a query name that, when
combined with a search list entry, exceeds the maximum allowable
length. An unauthenticated, remote attacker can exploit this to cause
a segmentation fault, resulting in a denial of service condition. This
issue occurs when lwresd or the the named 'lwres' option is enabled.

See also :

https://kb.isc.org/article/AA-01393

Solution :

Upgrade to ISC BIND version 9.9.8-P3 / 9.9.8-S4 / 9.10.3-P3 or later.

Note that BIND 9 version 9.9.9-S3 is available exclusively for
eligible ISC Support customers.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: DNS

Nessus Plugin ID: 92493 ()

Bugtraq ID:

CVE ID: CVE-2016-2775

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now