The default configuration of ISC BIND prior to 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote malicious users to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind 9.3.2 |