ISC BIND < 8.3.7 / 8.4.3 Negative Record Cache Poisoning

high Nessus Plugin ID 11932

Language:

Synopsis

It is possible to disable the remote name server remotely.

Description

The remote BIND server, according to its version number, is vulnerable to a negative cache poison bug that may allow an attacker to disable this service remotely.

Solution

Upgrade to BIND 8.3.7 or 8.4.3

Plugin Details

Severity: High

ID: 11932

File Name: bind_negative_cache_dos.nasl

Version: 1.19

Type: remote

Family: DNS

Published: 11/27/2003

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:isc:bind

Required KB Items: bind/version

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/26/2003

Reference Information

CVE: CVE-2003-0914

BID: 9114

Secunia: 10300

SuSE: SUSE-SA:2003:047

Detections

Analytics