F5 Networks BIG-IP : BIND vulnerability (K86272821)
Medium Nessus Plugin ID 96464
Synopsis
The remote device is missing a vendor-supplied security patch.
Description
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. (CVE-2016-9131)
When the BIND recursion option is enabled, an attacker may exploit this vulnerability to cause the named process to restart.
Additionally, the restarted process does not trigger the BIG-IP system high availability (HA) failover event.
By default, the BIND recursion option is not enabled on BIG-IP DNS or GTM systems. If the BIND recursion option is enabled, BIG-IP DNS or GTM systems are vulnerable.
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K86272821.