ISC BIND 9.x < 9.9.9-P3 Options Sections DoS
Medium Nessus Plugin ID 94611
SynopsisThe remote name server is affected by a denial of service vulnerability.
DescriptionAccording to its self-reported version number, the instance of ISC BIND running on the remote name server is 9.x prior to 9.9.9-P3. It is, therefore, affected by a denial of service vulnerability when handling malformed options sections. An unauthenticated, remote attacker can exploit this, via a specially crafted OPT resource record, to cause an assertion failure, resulting in a daemon exit.
SolutionUpgrade to ISC BIND version 9.9.9-P3 / 9.10.4-P3 / 9.11.0 or later.