| + |
- CVE-2018-5736 |
| + |
|
| + |
For servers which must receive notifies to keep slave zone contents |
| + |
current, no complete workarounds are known although restricting BIND to |
| + |
only accept NOTIFY messages from authorised sources can greatly |
| + |
mitigate the risk of attack. |
| + |
|
| + |
- CVE-2018-5737 |
| + |
|
| + |
Setting "max-stale-ttl 0;" in named.conf will prevent exploitation of |
| + |
this vulnerability (but will effectively disable the serve-stale |
| + |
feature.) |