ISC BIND DNS64 REQUIRE Assertion Failure Denial of Service Vulnerability

Last Update Date: 7 Dec 2012 Release Date: 6 Dec 2012 5392 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Network Management

TYPE: Network Management

A vulnerability has been identified in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).

 

The vulnerability is caused due to an error within the DNS64 IPv6 transition mechanism when handling certain queries, which can be exploited to trigger a REQUIRE assertion and crash the server via a specially crafted DNS query.

 

Successful exploitation requires that DNS64 is turned on.

Impact

  • Denial of Service

System / Technologies affected

  • ISC BIND 9.8.x
  • ISC BIND 9.9.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 9.8.4-P1 or 9.9.2-P1.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apache Tomcat Multiple Vulnerabilities

6 Dec 2012 5557 Views

Next

IBM WebSphere Application Server Java Multiple Vulnerabilities

11 Dec 2012 5458 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY