ISC BIND Resource Record Denial of Service Vulnerability
Last Update Date:
14 Sep 2012 11:38
Release Date:
14 Sep 2012
4966
Views
RISK: High Risk
TYPE: Servers - Other Servers
A vulnerability has been identified in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion error when processing resource records having RDATA greater than 65535 bytes. This can be exploited to e.g. crash a recursive server via a query that requests a record from an authoritative server.
Impact
- Denial of Service
System / Technologies affected
- ISC BIND 9.6.x
- ISC BIND 9.7.x
- ISC BIND 9.8.x
- ISC BIND 9.9.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply patches or update to a fixed release (please see the vendor's advisory for details).
https://kb.isc.org/article/AA-00778/74
Vulnerability Identifier
Source
Related Link
Share with