ISC BIND < 4.9.5 Multiple DNS Resolver Functions Remote Overflow (deprecated)
Critical Nessus Network Monitor Plugin ID 1008
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote BIND server, according to its version number, is vulnerable to a remote buffer overflow within its resolver code. An attacker may be able to execute arbitrary code by having the remote DNS server make a request and send back a malicious DNS response with an invalid length field.
SolutionUpgrade to BIND 4.9.5 or newer.