Skip to main content

ISC BIND Resource Record Denial of Service Vulnerability

Last Update Date: 14 Sep 2012 11:38 Release Date: 14 Sep 2012 4966 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).  The vulnerability is caused due to an assertion error when processing resource records having RDATA greater than 65535 bytes. This can be exploited to e.g. crash a recursive server via a query that requests a record from an authoritative server.


Impact

  • Denial of Service

System / Technologies affected

  • ISC BIND 9.6.x
  • ISC BIND 9.7.x
  • ISC BIND 9.8.x
  • ISC BIND 9.9.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link