| VID |
19017 |
| Severity |
40 |
| Port |
53 |
| Protocol |
UDP |
| Class |
DNS |
| Detailed Description |
The BIND daemon, according to its version number, has a buffer overflow vulnerability in the 'q_usedns' buffer. ISC BIND (Berkeley Internet Name Daemon) is a server utility that implements the DNS (domain name service) protocol. It is widely used on the Internet. BIND versions 8.4.4 and 8.4.5 are vulnerable to a buffer overflow vulnerability in the handling of the 'q_usedns' array used by the server to track nameservers and addresses that have been queried. A remote attacker could exploit this vulnerability by sending a malicious request that includes an excessively long name server address. It might allow the attacker to trigger a denial of service condition or possibly execute arbitrary code on the affected system.
* Note: This check solely relied on the version number of the remote BIND server to assess this vulnerability, so this might be a false positive.
* References:
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/327633
http://www.niscc.gov.uk/niscc/docs/al-20050125-00059.html?lang=en
* Platforms Affected:
ISC BIND 8.4.4
ISC BIND 8.4.5
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of ISC BIND (8.4.6 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/index.pl?/sw/bind/ |
| Related URL |
CVE-2005-0033 (CVE) |
| Related URL |
12364 (SecurityFocus) |
| Related URL |
(ISS) |
|
