ISC BIND 9 libdns Regular Expressions Handling DoS
High Nessus Network Monitor Plugin ID 6811
The remote DNS server may be affected by a denial of service vulnerability
The remote host is running Bind, a popular name server. Versions of BIND earlier than 9.8.4-P2 / 9.9.2-P2 are potentially affected by a denial of service vulnerability. Affected versions of BIND can be forced to crash via memory exhaustion caused by specially crafted regular expressions. Note this vulnerability only affects Unix and Unix-like systems when the application has been compiled to include regular expression support
Upgrade to BIND 9.8.4-P2 / 9.9.2-P2 or later, or apply the vendor supplied patch. Alternatively, the application can be recompiled without regular expression support as a workaround.