The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3816 advisory.

  - Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote     attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the     KeyTrap issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the     protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG     records. (CVE-2023-50387)

  - The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped)     allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC     responses in a random subdomain attack, aka the NSEC3 issue. The RFC 5155 specification implies that an     algorithm must perform thousands of iterations of a hash function in certain situations. (CVE-2023-50868)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian dla-3816 : bind9 - security update

high Nessus Plugin ID 197488

Version 1.1

Version 1.0

Version 1.1 Jul 26, 2024, 11:33 AM IAVM reference Plugin Feed: 202407261133
Version 1.0 May 17, 2024, 11:56 PM New Plugin Feed: 202405172356