VID: 19021
Severity: 20
Port: 53
Protocol: UDP
Class: DNS
Detailed Description:
The BIND daemon, according to its version number, has a denial of service vulnerability in the query_addsoa function. ISC BIND (Berkeley Internet Name Daemon) is a server utility that implements the DNS (domain name service) protocol. It is widely used on the Internet. BIND version 9.4.0 and versions 9.5.0a1 through 9.5.0a3 are vulnerable to a denial of service attack caused by improper handling of recursive queries processed by the query_addsoa function. A remote attacker could exploit this vulnerability to cause the service to crash.
* Note: This check relies solely on the banner of the remote DNS server to assess this vulnerability, so the result might be a false positive.
* References:
  * http://www.isc.org/index.pl?/sw/bind/bind-security.php
  * http://marc.info/?l=bind-announce&m=117798912418849&w=2
  * http://marc.info/?l=bind-users&m=117781099030155&w=2
  * http://www.frsirt.com/english/advisories/2007/1593
  * http://securitytracker.com/alerts/2007/Apr/1017985.html
  * http://secunia.com/advisories/25070
* Platforms Affected:
  * Internet Software Consortium, BIND version 9.4.0
  * Internet Software Consortium, BIND versions 9.5.0a1 through to 9.5.0a3
  * Any operating system, any version
Recommendation:
Upgrade to the latest version of BIND (9.4.1 or 9.5.0a4 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/products/BIND/
Related URL: CVE-2007-2241 (CVE)
Related URL: 23738 (SecurityFocus)
Related URL: 33988 (ISS)