ISC.BIND.deny-answer-aliases.Assertion.Failure.DoS
Description
This indicates an attack attempt to exploit a Denial Of Service Vulnerability in ISC BIND.
The vulnerability is due to a fault in the DNS protocol when handling a crafted packet. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.
Affected Products
ISC BIND 9.10.0 - 9.10.8
ISC BIND 9.11.0 - 9.11.4
ISC BIND 9.12.0 - 9.12.2
ISC BIND 9.13.0 - 9.13.2
ISC BIND 9.7.0 - 9.8.8
ISC BIND 9.9.0 - 9.9.13
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://kb.isc.org/article/AA-01639/74/CVE-2018-5740%3A-A-flaw-in-the-deny-answer-aliases-feature-can-cause-an-INSIST-assertion-failure-in-named.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-27 | 13.459 | Sig Added |
2018-09-26 | 13.458 | Default_action:pass:drop |