Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

ISC bind named DNS server DoS
updated since 29.07.2009
Published: 30.07.2009
Source: BUGTRAQ
SecurityVulns ID: 10109
Type: remote
Level: 8/10
Description: Crash on dynamic update message with ANY type (disablind dynamic updates doesn't eliminate problem).

Affected: BIND : bind 9.4
BIND : bind 9.5
ISC : bind 9.6
CVE: CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.)

Original document ISC, BIND Dynamic Update DoS (29.07.2009)

FREEBSD, FreeBSD Security Advisory FreeBSD-SA-09:12.bind (29.07.2009)

Files: ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)

test server