SynopsisThe remote name server is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version number, the remote installation of BIND is affected by multiple vulnerabilities :
- A flaw exists that allows access to a cache via recursion even though the ACL disallows it. Note that this only occurs if BIND is operating as both an authoritative and recursive name server in the same view.
- If BIND, acting as a DNSSEC validating server, has two or more trust anchors configured in named.conf for the same zone and the response for a record in that zone from the authoritative server includes a bad signature, the validating server will crash while trying to validate that query.
SolutionUpgrade to BIND 9.7.2-P2 or later.