ISC BIND < 8.3.4 Multiple Remote Vulnerabilities (deprecated)

high Nessus Network Monitor Plugin ID 1006

Synopsis

The remote host is vulnerable to multiple remote overflows

Description

The remote BIND server is vulnerable to three different vulnerabilities :
1) The remote BIND server, based on its version number, if running recursive DNS functionality, is vulnerable to a buffer overflow.
2) The remote BIND server is vulnerable to a denial of service (crash) via SIG RR elements with invalid expiry times.
3) The remote BIND server is vulnerable to a denial of service.
When a DNS lookup is requested on a non-existant sub-domain of a valid domain and an OPT resource record with a large UDP payload is attached, the server may fail.

Solution

Upgrade to BIND 8.3.4 or newer

Plugin Details

Severity: High

ID: 1006

Family: DNS Servers

Published: 8/18/2004

Updated: 3/6/2019

Nessus ID: 10886

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:isc:bind:8

Reference Information

CVE: CVE-2002-0029, CVE-2002-1219, CVE-2002-1220, CVE-2002-1221

BID: 6159, 6160, 6161, 6186