ISC BIND Denial of Service Vulnerability

Last Update Date: 15 Jan 2014 Release Date: 14 Jan 2014 3140 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in ISC BIND, which can be exploited by a remote user to cause denial of service (DoS) conditions.

 

A remote user can send a specially crafted query to an authoritative nameserver serving NSEC3-signed zones to cause the BIND service to crash.

 

Recursive-only servers are not affected.

Impact

  • Denial of Service

System / Technologies affected

  • ISC BIND 9.6.x to 9.6-ESV-R10-P1
  • ISC BIND 9.7 (All versions)
  • ISC BIND 9.8.0 to 9.8.6-P1
  • ISC BIND 9.9.0 to 9.9.4-P1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (9.6-ESV-R10-P2, 9.8.6-P2, 9.9.4-P2).

Vulnerability Identifier

Source

Related Link

Share with

Previous

Symantec Endpoint Protection Elevated Privilege Vulnerabilities

13 Jan 2014 3239 Views

Next

Google Chrome Multiple Vulnerabilities

15 Jan 2014 3108 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY