Computer Security
[EN] securityvulns.ru no-pyccku


ISC bind named DNS server DoS
updated since 29.07.2009
Published:30.07.2009
Source:
SecurityVulns ID:10109
Type:remote
Threat Level:
8/10
Description:Crash on dynamic update message with ANY type (disablind dynamic updates doesn't eliminate problem).
Affected:BIND : bind 9.4
 BIND : bind 9.5
 ISC : bind 9.6
CVE:CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.)
Original documentdocumentISC, BIND Dynamic Update DoS (29.07.2009)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-09:12.bind (29.07.2009)
Files:ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod