PT-1997-1085 · Isc · Bind
Published
1997-07-01
·
Updated
2022-08-17
·
CVE-1999-0184
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
bind (affected versions not specified)
Description
The issue allows malicious modification of DNS records due to the ability to perform dynamic updates to the DNS server when compiled with the -DALLOW UPDATES option.
Recommendations
For versions compiled with the -DALLOW UPDATES option, consider disabling dynamic updates to prevent malicious modification of DNS records until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Bind