| VID |
19013 |
| Severity |
40 |
| Port |
53 |
| Protocol |
TCP,UDP |
| Class |
DNS |
| Detailed Description |
The BIND daemon, according to its version number, is vulnerable to an inverse query overflow, and enables the Inverse Query (IQUERY) feature. BIND versions prior to 4.9.7 and BIND versions prior to 8.1.2 are vulnerable to this vulnerability. By sending a maliciously formatted DNS message, a remote attacker can overflow a buffer and cause the BIND server to crash. The attacker also can use this vulnerability to execute arbitrary code on the affected system with root privileges.
* Note: This check solely relied on the version number of the remote BIND Server to assess this vulnerability, so this might be a false positive.
* References:
http://www.cert.org/advisories/CA-98.05.bind_problems.html
* Platforms Affected:
BIND 4 releases prior to 4.9.7
BIND 8 releases prior to 8.1.2 |
| Recommendation |
Configure the affected DNS server to disable inverse queries. See the document at http://www.acmebw.com/resources/papers/securing.pdf
-- AND --
Upgrade to the latest version of BIND or apply the appropriate patch for your system, as listed in CERT advisory CA-98.05.bind_problems at http://www.cert.org/advisories/CA-98.05.bind_problems.html . |
| Related URL |
CVE-1999-0009 (CVE) |
| Related URL |
134 (SecurityFocus) |
| Related URL |
895 (ISS) |
|
