ISC BIND Dynamic Update Message Handling Remote DoS (deprecated)

high Nessus Network Monitor Plugin ID 5107


The remote host is vulnerable to a Denial of Service (DoS) attack


The version of BIND installed on the remote host suggests that it suffers from a denial of service vulnerability, which may be triggered by sending a malicious dynamic update message to a zone for which the server is the master, even if that server is not configured to allow dynamic updates. Note that NNM obtained the version by observing the response to a 'version.bind', the value of which can be and sometimes is tweaked by DNS administrators.


Upgrade to BIND 9.4.3-P3 / 9.5.1-P3 / 9.6.1-P3 or later

See Also

Plugin Details

Severity: High

ID: 5107

Family: DNS Servers

Published: 7/29/2009

Updated: 3/6/2019

Nessus ID: 40422

Risk Information


Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:F/RL:OF/RC:C


Risk Factor: High

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:isc:bind

Patch Publication Date: 7/28/2009

Vulnerability Publication Date: 7/28/2009

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-0696

BID: 35848