ISC BIND 9.x.x < 9.9.10-P1 / 9.10.x < 9.10.5-P1 / 9.11.x < 9.11.1-P1 Multiple Vulnerabilities

High Nessus Plugin ID 100996


The remote name server is affected by multiple vulnerabilities.


According to its self-reported version number, the instance of ISC BIND running on the remote name server is 9.x.x prior to 9.9.10-P1, 9.10.x prior to 9.10.5-P1, or 9.11.x prior to 9.11.1-P1. It is, therefore, affected by multiple vulnerabilities :

- A denial of service vulnerability exists when processing Response Policy Zone (RPZ) rule types. An unauthenticated, remote attacker can exploit this, via a specially crafted query, to cause an infinite loop condition that degrades the server's functionality.

- A privilege escalation vulnerability exists in the BIND installer for Windows due to using an unquoted service path. A local attacker can exploit this to gain elevated privileges provided that the host file system permissions allow this. Note that non-Windows builds and installations are not affected. (CVE-2017-3141)


Upgrade to ISC BIND version 9.9.10-P1 / 9.9.10-S2 / 9.10.5-P1 / 9.10.5-S2 / 9.11.1-P1 or later. Note that BIND 9 versions 9.9.10-S2 and 9.10.5-S2 are available exclusively for eligible ISC Support customers.

See Also

Plugin Details

Severity: High

ID: 100996

File Name: bind9_9111_p1.nasl

Version: $Revision: 1.4 $

Type: remote

Family: DNS

Published: 2017/06/22

Modified: 2017/08/14

Dependencies: 10028

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:isc:bind

Required KB Items: bind/version, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/06/14

Vulnerability Publication Date: 2017/06/04

Reference Information

CVE: CVE-2017-3140, CVE-2017-3141

BID: 99088, 99089

OSVDB: 159122, 158475

EDB-ID: 42121