ISC BIND 9 Dynamic Update Handling Remote DoS (intrusive check)

medium Nessus Plugin ID 40450

Synopsis

The remote name server may be affected by a denial of service vulnerability.

Description

It is possible to kill the remote DNS server by sending it a specially crafted dynamic update message to a zone for which the server is a master.

Note that this plugin requires knowledge of the target host's FQDN.

Solution

Upgrade to BIND 9.4.3-P3 / 9.5.1-P3 / 9.6.1-P3 or later.

Plugin Details

Severity: Medium

ID: 40450

File Name: bind9_dyn_update_DoS.nasl

Version: 1.13

Type: remote

Family: DNS

Published: 7/31/2009

Updated: 3/19/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2009-0986

Vulnerability Information

CPE: cpe:/a:isc:bind

Required KB Items: DNS/udp/53

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/28/2009

Vulnerability Publication Date: 7/28/2009

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-0696

BID: 35848

CWE: 16