ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability Network Vulnerability

Summary

ISC BIND 9 is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of- service attacks. Versions prior to the following are vulnerable: BIND 9.4.3-P4 BIND 9.5.2-P1 BIND 9.6.1-P2

Solution

Updates are available. Please see the references for details.

References

http://www.isc.org/products/BIND/
http://www.securityfocus.com/bid/37118

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-4022
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Check SSL Weak Ciphers and Supported Ciphers
AFS client version
ICMP domain name request
Audacity Version Detection (Linux)
DefaultNav checker

Take action and discover your vulnerabilities