New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 2.2
Synopsis
The remote name server is prone to a denial of service attack.
Description
According to its self-reported version number, the remote installation of BIND can be forced to crash via maliciously crafted DNS requests.
Note that this vulnerability only affects installs using the 'dns64' configuration option. Further note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually affected.
Solution
Upgrade to BIND 9.8.5 / 9.9.3 or later. Alternatively, disable DNS64 functionality via configuration options.