ISC BIND DNS Resource Records Handling Vulnerability

Last Update Date: 5 Jun 2012 12:04 Release Date: 5 Jun 2012 5445 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in ISC BIND, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling DNS resource records and can be exploited to e.g. cause recursive servers to crash or disclose certain memory to clients via records containing zero length rdata.

Impact

  • Denial of Service

System / Technologies affected

  • ISC BIND 9.2.x
  • ISC BIND 9.3.x
  • ISC BIND 9.4.x
  • ISC BIND 9.5.x
  • ISC BIND 9.6.x
  • ISC BIND 9.7.x
  • ISC BIND 9.8.x
  • ISC BIND 9.9.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 9.6-ESV-R7-P1, 9.7.6-P1, 9.8.3-P1, or 9.9.1-P1.

 

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Includes Some Invalid Certificates Vulnerability

5 Jun 2012 4836 Views

Next

Adobe Flash Professional and Photoshop Buffer Overflow Vulnerability

10 May 2012 5127 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY