ISC BIND 9 Multiple Remote DoS

medium Nessus Plugin ID 22311

Synopsis

The remote name server may be affected by multiple denial of service vulnerabilities.

Description

The version of BIND installed on the remote host suggests that it suffers from multiple denial of service vulnerabilities that could be triggered either by sending a large volume of recursive queries or by sending queries for SIG records where there are multiple SIG(covered) RRsets.

Note that Nessus obtained the version by sending a special DNS request for the text 'version.bind' in the domain 'chaos', the value of which can be and sometimes is tweaked by DNS administrators.

Solution

Upgrade to BIND 9.4.0b2 / 9.3.3rc2 / 9.3.2-P1 / 9.2.7rc2 / 9.2.6-P1 or later.

See Also

http://www.nessus.org/u?16b13df1

Plugin Details

Severity: Medium

ID: 22311

File Name: bind9_dos2.nasl

Version: 1.22

Type: remote

Family: DNS

Published: 9/7/2006

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:isc:bind

Required KB Items: bind/version

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 9/6/2006

Reference Information

CVE: CVE-2006-2073, CVE-2006-4095, CVE-2006-4096

BID: 19859