Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.BIND9_9100_P2.NASL
HistoryJun 12, 2014 - 12:00 a.m.

ISC BIND 9 EDNS Processing DoS

2014-06-1200:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.012 Low

EPSS

Percentile

85.1%

JSON

According to its self-reported version number, the remote installation of BIND is affected by a denial of service vulnerability. The issue exists due to an error in ‘libdns’ that fails to properly handle Extension Mechanisms for DNS (EDNS) options.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(74495);
  script_version("1.18");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id("CVE-2014-3859");
  script_bugtraq_id(68038);

  script_name(english:"ISC BIND 9 EDNS Processing DoS");
  script_summary(english:"Checks version of BIND.");

  script_set_attribute(attribute:"synopsis", value:
"The remote name server is affected by a denial of service
vulnerability.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the remote installation
of BIND is affected by a denial of service vulnerability. The issue
exists due to an error in 'libdns' that fails to properly handle
Extension Mechanisms for DNS (EDNS) options.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://kb.isc.org/docs/aa-01166");
  script_set_attribute(attribute:"see_also", value:"https://lists.isc.org/pipermail/bind-announce/2014-June/000914.html");
  script_set_attribute(attribute:"see_also", value:"https://tools.ietf.org/html/rfc6891");
  script_set_attribute(attribute:"solution", value:
"Upgrade to BIND version 9.10.0-P2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3859");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/06/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/06/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/12");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:isc:bind");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"DNS");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("bind_version.nasl");
  script_require_keys("bind/version", "Settings/ParanoidReport");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

ver = get_kb_item_or_exit("bind/version");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

# Check whether BIND is vulnerable, and recommend an upgrade.
fix = NULL;

# Vuln BIND 9.10.0.x < 9.10.0-P2
if (ver =~ "^9\.10\.0($|([ab][12]|rc[12]|-P1)$)")
  fix = '9.10.0-P2';
else
  audit(AUDIT_LISTEN_NOT_VULN, "BIND", 53, ver, "UDP");

if (report_verbosity > 0)
{
  report =
    '\n  Installed version : ' + ver +
    '\n  Fixed version     : ' + fix +
    '\n';
  security_warning(port:53, proto:"udp", extra:report);
}
else security_warning(port:53, proto:"udp");
VendorProductVersionCPE
iscbindcpe:/a:isc:bind

Related

openvas 2
cve 1
threatpost 1
debiancve 1
ubuntucve 1
checkpoint_advisories 2
prion 1
cvelist 1
nvd 1
nessus 1
openvas
openvas
ISC BIND EDNS Option Processing Denial of Service Vulnerability - Linux
2017-01-24 00:00:00
ISC BIND EDNS Option Processing Denial of Service Vulnerability - Windows
2017-01-24 00:00:00
cve
cve
CVE-2014-3859
2014-06-13 11:19:57
threatpost
threatpost
ISC Patches Critical DoS Vulnerability in BIND
2014-06-13 11:10:43
debiancve
debiancve
CVE-2014-3859
2014-06-13 11:19:57
ubuntucve
ubuntucve
CVE-2014-3859
2014-06-13 00:00:00
checkpoint_advisories
checkpoint_advisories
ISC BIND EDNS Option Processing Denial of Service - Ver2 (CVE-2014-3859)
2015-03-26 00:00:00
Non Compliant DNS (CVE-2014-3859; CVE-2016-2848; CVE-2016-5426)
2019-06-23 00:00:00
prion
prion
Authentication flaw
2014-06-13 11:19:00
cvelist
cvelist
CVE-2014-3859
2014-06-13 10:00:00
nvd
nvd
CVE-2014-3859
2014-06-13 11:19:57
nessus
nessus
ISC BIND 9.10.x < 9.10.1-P1 Multiple DoS
2014-12-15 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.012 Low

EPSS

Percentile

85.1%

JSON
Related for BIND9_9100_P2.NASL
openvas2cve1threatpost1debiancve1ubuntucve1checkpoint_advisories2prion1cvelist1nvd1nessus1