Amazon Linux AMI : bind (ALAS-2017-858)
Medium Nessus Plugin ID 101933
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionSecurity Fix(es): A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG(0) signature for a dynamic update request. A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able to communicate with an authoritative BIND server, could use this flaw to view the entire contents of a zone by sending a specially constructed request packet. (CVE-2017-3142 , CVE-2017-3143)
SolutionRun 'yum update bind' to update your system.