ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS

Article ID: 25121
Last updated: 27 Jan, 2009
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.

This script is Copyright (C) 2007-2008 Tenable Network Security, Inc.

Family: DNS
Plugin ID: 25121
Bugtraq ID: 23738
CVE ID: CVE-2007-2241

Description:

Synopsis :

The remote name server is prone to a denial of service attack.


Description :

The version of BIND installed on the remote host reportedly is
affected by a denial of service vulnerability that may be triggered
when handling certain sequences of recursive queries.

See also :

http://marc.info/?l=bind-users&m=117781099030155&w=2
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://marc.info/?l=bind-announce&m=117798912418849&w=2

Solution :

Either disable recursion or upgrade to BIND 9.4.1 / 9.5.0a4 or later.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)