BIND DNS 安全补丁检查漏洞

漏洞信息

漏洞名称： BIND DNS 安全补丁检查漏洞

漏洞类型： 配置问题

漏洞等级： 高危

漏洞描述： BIND DNS服务器是一个广泛使用的开源DNS软件，支持多种操作系统，常用于企业级DNS服务部署。由于其广泛的应用，BIND的安全问题直接影响到全球大量的DNS服务。本次发现的漏洞主要涉及BIND DNS服务器的版本安全问题，旧版本的BIND可能存在服务拒绝攻击、缓冲区溢出及远程代码执行等风险。漏洞的技术根源在于未及时应用安全补丁，导致已知的安全漏洞未被修复。这种配置问题使得攻击者可以利用已知的漏洞对DNS服务进行攻击，可能导致服务中断、数据泄露甚至服务器被完全控制。由于DNS服务的关键性，此类漏洞的影响范围广泛，攻击者无需认证即可利用，且可以自动化执行，因此构成了严重的安全威胁。

产品厂商： ISC

产品名称： BIND DNS

来源： https://github.com/projectdiscovery/nuclei-templates/blob/dfc176303ffebe3d9f231045fa3abe2cf2ca9874/misconfiguration%2Flinux%2Fdns-bind-version-check.yaml

类型： projectdiscovery/nuclei-templates:github issues

POC详情

id: dns-bind-version-patch

info:
  name: BIND DNS Version - Security Patch Check
  author: songyaeji
  severity: high
  description: >
    Older versions of the BIND DNS server may contain vulnerabilities such as Service Denial Attacks,
    Buffer Overflows, and remote code execution risks. This template checks if the BIND service (named) is running
    and retrieves its version to determine whether security patches have been applied.
  reference:
    - https://isms.kisa.or.kr
    - Cloud Vulnerability Assessment Guide(2024) by KISA
  tags: linux,dns,bind,patch,misconfiguration,local
  metadata:
    verified: true
    os: linux
    max-request: 2
  classification:
    cvss-metrics: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 7.8
    cwe-id: CWE-1104

self-contained: true
code:
  - engine:
      - bash
    source: |
      ps -ef | grep named | grep -v grep || echo "named-not-running"
    matchers:
      - type: word
        part: code_1_response
        words:
          - "named"
        condition: contains

  - engine:
      - bash
    source: |
      named -v 2>/dev/null || echo "version-not-found"
    matchers:
      - type: regex
        part: code_2_response
        regex:
          - "BIND\\s+([0-9]+\\.[0-9]+\\.[0-9]+)"