The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 up to and including 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote malicious users to make recursive queries and query the cache.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind 9.4.0 |
||
isc bind 9.4.1 |
||
isc bind 9.5.0 |