Summary
BIND 'NAMED' is an open-source DNS server from ISC.org. Many proprietary DNS servers are based on BIND source code.
The BIND based NAMED servers (or DNS servers) allow remote users to query for version and type information. The query of the CHAOS TXT record 'version.bind', will typically prompt the server to send the information back to the querying source.
Solution
Using the 'version' directive in the 'options' section will block the 'version.bind' query, but it will not log such attempts.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
- Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
- Apache Tomcat Multiple Vulnerabilities - 01 Mar14
- Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
- Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)