| VID |
19025 |
| Severity |
40 |
| Port |
53 |
| Protocol |
UDP |
| Class |
DNS |
| Detailed Description |
ISC BIND (Berkeley Internet Name Daemon) is a server utility that implements the DNS (domain name service) protocol. It is widely used on the Internet.
According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability. A defect in the affected versions of BIND could cause the "named" process to exit when queried, if the server has recursion enabled and was configured with an RPZ zone containing certain types of records. Specifically, these are any DNAME record and certain kinds of CNAME records.
* Note: This check solely relied on the banner of the remote DNS server to assess this vulnerability, so this might be a false positive.
* References:
http://www.isc.org/software/bind/advisories/cve-2011-2465
* Platforms Affected:
Internet Software Consortium, BIND 9.8.x before 9.8.0-P3
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of BIND (9.8.0-P3 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/products/BIND/ |
| Related URL |
CVE-2011-2465 (CVE) |
| Related URL |
48565 (SecurityFocus) |
| Related URL |
(ISS) |
|
