F5 Networks BIG-IP : BIND vulnerability (K14386)
High Nessus Plugin ID 78148
SynopsisThe remote device is missing a vendor-supplied security patch.
Descriptionlibdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K14386.