F5 Networks BIG-IP : DNSSEC BIND vulnerability (SOL10898)
Low Nessus Plugin ID 78124
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionUnspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed 'at the same time as requesting DNSSEC records (DO).'
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL10898.