| VID |
19061 |
| Severity |
40 |
| Port |
79 |
| Protocol |
TCP,UDP |
| Class |
DNS |
| Detailed Description |
ISC BIND (Berkeley Internet Name Daemon) is a server utility that implements the DNS (domain name service) protocol. It is widely used on the Internet. According to its version number, BIND version 9.11.x prior to 9.11.0rc3 are affected by a denial of service vulnerability within file buffer.c due to improper construction of responses to crafted requests. An unauthenticated, remote attacker can exploit this, via a specially crafted query, to cause an assertion failure, resulting in a daemon exit.
* Note: This check solely relied on the banner of the remote DNS server to assess this vulnerability, so this might be a false positive.
* References:
https://kb.isc.org/article/AA-01393
* Platforms Affected:
Internet Software Consortium, BIND version 9.11.x < 9.11.0rc3
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of BIND (9.11.0rc3 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/downloads/BIND/ |
| Related URL |
CVE-2016-2776 (CVE) |
| Related URL |
93188 (SecurityFocus) |
| Related URL |
(ISS) |
|
