ISC BIND Dynamic Update Message Handling Remote DoS (deprecated)
High Nessus Network Monitor Plugin ID 5107
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack
DescriptionThe version of BIND installed on the remote host suggests that it suffers from a denial of service vulnerability, which may be triggered by sending a malicious dynamic update message to a zone for which the server is the master, even if that server is not configured to allow dynamic updates. Note that PVS obtained the version by observing the response to a 'version.bind', the value of which can be and sometimes is tweaked by DNS administrators.
SolutionUpgrade to BIND 9.4.3-P3 / 9.5.1-P3 / 9.6.1-P3 or later