F5 Networks BIG-IP : BIND vulnerability (K10092301)
Medium Nessus Plugin ID 127495
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. (CVE-2019-6471)
A remote attacker, who could cause the BIND resolver to perform queries on a server, which responds deliberately with malformed answers, can cause named to exit and result in a denial-of-service (DoS) condition.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K10092301.