The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3498 advisory.

  - Every `named` instance configured to run as a recursive resolver maintains a cache database holding the     responses to the queries it has recently sent to authoritative servers. The size limit for that cache     database can be configured using the `max-cache-size` statement in the configuration file; it defaults to     90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the     configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets     from the cache, to keep memory use below the configured limit. It has been discovered that the     effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the     resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size`     limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0     through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
    (CVE-2023-2828)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian DLA-3498-1 : bind9 - LTS security update

high Nessus Plugin ID 178479

Version 1.1

Version 1.0

Version 1.1 Sep 21, 2023, 4:26 PM IAVM reference Plugin Feed: 202309211626
Version 1.0 Jul 19, 2023, 7:58 PM New Plugin Feed: 202307191958