ISC BIND Zone Data DNS Query Handling Denial of Service Vulnerability

Systems Affected

Threat Level

Overview

Vulnerability has been reported in ISC BIND that could allow a remote attacker to cause Denial of Service condition.

Description

This vulnerability exists while handling certain zone data when configured to perform DNSSEC validation. A remote attacker could exploit this issue using specially crafted zone data which could cause named to exit unexpectedly with an assertion failure resulting in denial of service condition.

Impact

Solution/ Workarounds

  ✻  Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.

References

http://www.cert-in.org.in/

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.