Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ISC BIND 9 Assertion Error Resource Record RDATA Query Parsing Remote DoS

Medium

Synopsis

The remote DNS server may be affected by a denial of service vulnerability

Description

The remote host is running Bind, a popular name server.

Versions of BIND earlier than 9.6-ESV-R7-P3 / 9.6-ESV-R8 / 9.7.6-P3 / 9.7.7 / 9.8.3-P3 / 9.8.4 / 9.9.1-P3 / 9.9.2 are potentially affected by a denial of service vulnerability. Affected versions of BIND will exit with an assertion failure if a resource record with RDATA in excess of 65535 bytes is loaded and then subsequently queried

Solution

Upgrade to BIND 9.6-ESV-R7-P3 / 9.6-ESV-R8 / 9.7.6-P3 / 9.7.7 / 9.8.3-P3 / 9.8.4 / 9.9.1-P3 / 9.9.2 or later.