ISC BIND 9.7.x < 9.9.7-P2 / 9.10.x < 9.10.2-P3 TKEY Query Handling Remote DoS
High Nessus Plugin ID 85241
SynopsisThe remote name server is affected by a denial of service vulnerability.
DescriptionAccording to its self-reported version number, the installation of ISC BIND on the remote name server is potentially affected by a denial of service vulnerability due to a REQUIRE assertion flaw that occurs while handling TKEY queries. A remote attacker can exploit this by using a specially crafted TKEY query to crash the daemon.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to BIND version 9.9.7-P2 / 9.10.2-P3 or later, or apply the patch referenced in the advisory.