ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning
Medium Nessus Network Monitor Plugin ID 5323
Synopsis: The remote DNS server is vulnerable to a remote cache-poisoning attack.
Description: The remote DNS server is running BIND 9 earlier than 9.4.3-P5, 9.5.2-P1, or 9.6.1-P3. Such versions are potentially affected by a remote cache-poisoning attack. An error exists in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses to be cached as if they had validated correctly.
Solution: Upgrade to BIND 9.4.3-P5, 9.5.2-P2, 9.6.1-P3, or later.