ISC BIND < 8.3.4 Multiple Remote Vulnerabilities (deprecated)

High Nessus Network Monitor Plugin ID 1006

Synopsis

The remote host is vulnerable to multiple remote overflows

Description

The remote BIND server is vulnerable to three different vulnerabilities :
1) The remote BIND server, based on its version number, if running recursive DNS functionality, is vulnerable to a buffer overflow.
2) The remote BIND server is vulnerable to a denial of service (crash) via SIG RR elements with invalid expiry times.
3) The remote BIND server is vulnerable to a denial of service.
When a DNS lookup is requested on a non-existant sub-domain of a valid domain and an OPT resource record with a large UDP payload is attached, the server may fail.

Solution

Upgrade to BIND 8.3.4 or newer

Plugin Details

Severity: High

ID: 1006

Family: DNS Servers

Published: 2004/08/18

Modified: 2018/09/16

Dependencies: 1000

Nessus ID: 10886

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:isc:bind:8

Reference Information

CVE: CVE-2002-0029, CVE-2002-1221, CVE-2002-1219, CVE-2002-1220

BID: 6159, 6160, 6161, 6186