Intrusion PreventionISC.BIND.DNS.GSS-TSIG.Query.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in ISC Bind.
This vulnerability is due to improper input validation for incoming DNS message. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted DNS packet to the target server. Successfully exploiting this vulnerability could result in denial of service.
Affected Products
ISC Bind version 9.0.0 to 9.11.30
ISC Bind version 9.12.0 to 9.16.13
ISC Bind version 9.17.0 to 9.17.11
ISC Bind version 9.11.3-S1 to 9.11.29-S1
ISC Bind version 9.16.8-S1 to 9.16.13-S1
Siemens SINEC Infrastructure Network Service version 1.0.1.0 and prior
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the latest update or patch from the vendor.
https://www.isc.org/download/
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-10-12 | 22.412 | Sig Added |
| 2022-09-29 | 22.404 | Default_action:pass:drop |
| 2022-09-20 | 22.397 |
| ID | 52105 |
| Created | Sep 12, 2022 |
| Updated | Mar 29, 2023 |
| Risk |
|
| CVE ID | CVE-2021-25216 |
| Exploit Prediction Score | 33.62% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, MacOS |
| Affected App | Other |