Think you have a false positive on this rule?

Sid 1-35943


    PROTOCOL-DNS ISC BIND TKEY query processing denial of service attempt


    Confidentiality Impact: NONE Integrity Impact: NONE Availability Impact: COMPLETE

Detailed Information:

    named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

Affected Systems:

    isc bind 9.10.2 p2
    isc bind 9.9.7 p1

Attack Scenarios:

    No data available

False Positives:

    None known

False Negatives:

    None known

Corrective Action:

    Upgrade to the latest non-affected version
    Apply vendor-provided patches


    No data available

Additional References: