ISC BIND < 9.5.0a6 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 4147
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running a version of BIND DNS Server prior to 9.4.1-P1. This version of BIND is vulnerable to a number of flaws that would allow cache poisoning and Denial of Service (DoS) attacks. An attacker exploiting these flaws would need to be able to manipulate the vulnerable DNS server to contact a malicious DNS server. Successful exploitation would lead to cache-poisoning attacks or a loss of availability.
SolutionUpgrade to version 9.5.0a6 or higher.