VID |
19095 |
Severity |
30 |
Port |
53 |
Protocol |
UDP |
Class |
DNS |
Detailed Description |
The version of ISC BIND installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1183 advisory.
- An assertion failure can be triggered if a TLS connection to a configured http TLS listener with a defined endpoint is destroyed too early. On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. (CVE-2022-1183)
* References: https://kb.isc.org/v1/docs/cve-2022-1183
* Platforms Affected: Internet Software Consortium, BIND version 9.18.0 < 9.18.3; Any operating system, Any version |
Recommendation |
Upgrade to the latest version of BIND (9.18.4 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/downloads/BIND/ |
Related URL |
CVE-2022-1183 (CVE) |
Related URL |
103189 (SecurityFocus) |