PCI Compliance
Hello,
I have a fresh install of WHM on a dedicated server with CloudLinux and after running a PCI Compliance scan the following is flagged:
ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure dns (53/udp)
CVE-2012-1667
How is best to go about rectifying this please?
With Thanks
Aaron
-
Hello,
Updates to Bind are provided by operating system vendors (e.g. CentOS, RedHat). You can verify if the CVE you referenced is already backported to the version of Bind installed on your system with the following command:
    rpm -q --changelog bind | grep CVE-2012-1667
You can then provide the output to the PCI compliance company to show them the issue is already addressed on your system.
Thank you.
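The grep in the reply above returns only the matching changelog line. As an added example (not part of the original reply and not cPanel's own tooling), the shell function below also prints the changelog entry header, which carries the date and version-release of the build that contains the fix. The script name, function names and sample changelog are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `rpm -q --changelog <pkg>` text on stdin and prints the
# entry header (date, packager, version-release) plus each line naming the CVE.
# Returns 0 if found, 1 if absent, 2 if the argument is not a CVE ID.
cve_evidence() {
    # Validate first: the ID is spliced into an awk regex below.
    printf '%s\n' "$1" | grep -Eq '^CVE-[0-9]{4}-[0-9]{4,}$' || return 2
    awk -v cve="$1" '
        /^\* / { header = $0; shown = 0; next }   # a new changelog entry starts
        # Exact ID only: the next character must not be another digit.
        $0 ~ (cve "([^0-9]|$)") {
            if (!shown) { print header; shown = 1 }
            print
            found = 1
        }
        END { exit !found }
    '
}

# Constructed sample in rpm changelog layout; names, dates and versions are
# placeholders, and CVE-2012-16670 is a made-up ID to exercise exact matching.
sample_changelog() {
    cat <<'EOF'
* Thu Jun 07 2012 Example Packager <packager@example.com> 32:9.8.2-0.EXAMPLE.2
- fix CVE-2012-1667

* Mon Mar 05 2012 Example Packager <packager@example.com> 32:9.8.2-0.EXAMPLE.1
- fix CVE-2012-16670
EOF
}

# On the server: sh cve_evidence.sh --live bind CVE-2012-1667
if [ "${1:-}" = "--live" ]; then
    rpm -q "$2"                                  # installed version-release
    rpm -q --changelog "$2" | cve_evidence "$3"
fi
```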