ISC BIND DNS Resource Records Handling Vulnerability
RISK: High Risk
TYPE: Servers - Other Servers
A vulnerability has been identified in ISC BIND, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
The vulnerability is caused due to an error when handling DNS resource records and can be exploited to e.g. cause recursive servers to crash or disclose certain memory to clients via records containing zero length rdata.
Impact
- Denial of Service
System / Technologies affected
- ISC BIND 9.2.x
- ISC BIND 9.3.x
- ISC BIND 9.4.x
- ISC BIND 9.5.x
- ISC BIND 9.6.x
- ISC BIND 9.7.x
- ISC BIND 9.8.x
- ISC BIND 9.9.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 9.6-ESV-R7-P1, 9.7.6-P1, 9.8.3-P1, or 9.9.1-P1.
Vulnerability Identifier
Source
Related Link
Share with