Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ISC BIND Dynamic Update Message Handling Remote DoS (deprecated)

High

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack

Description

The version of BIND installed on the remote host suggests that it suffers from a denial of service vulnerability, which may be triggered by sending a malicious dynamic update message to a zone for which the server is the master, even if that server is not configured to allow dynamic updates. Note that PVS obtained the version by observing the response to a 'version.bind', the value of which can be and sometimes is tweaked by DNS administrators.

Solution

Upgrade to BIND 9.4.3-P3 / 9.5.1-P3 / 9.6.1-P3 or later