ISC BIND Zone Data DNS Query Handling Denial of Service Vulnerability

Systems Affected

Threat Level

Overview

Vulnerability has been reported in ISC BIND that could allow a remote attacker to cause Denial of Service condition.

Description

This vulnerability exists while handling certain zone data when configured to perform DNSSEC validation. A remote attacker could exploit this issue using specially crafted zone data which could cause named to exit unexpectedly with an assertion failure resulting in denial of service condition.

Impact

Solution/ Workarounds

Upgrade to BIND versions 9.9.7-P1 or 9.10.2-P2
https://www.isc.org/downloads/

References

http://www.cert-in.org.in/

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.