CVE-2006-0987

ISC Bind - Denial of Service

Title source: rule

Description

The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.

Exploits (2)

nomisec SCANNER 1 stars
by pcastagnaro · poc
https://github.com/pcastagnaro/dns_amplification_scanner
metasploit SCANNER
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/dns/dns_amp.rb

References (4)

Scores

EPSS 0.3690
EPSS Percentile 97.1%

Classification

Status draft

Affected Products (1)

isc/bind

Timeline

Published Mar 03, 2006
Tracked Since Feb 18, 2026