Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ISC BIND 9.10.x < 9.10.1-P1 Multiple DoS

High

Synopsis

The remote DNS server may be affected by multiple vulnerabilities.

Description

Versions of ISC BIND earlier than 9.10.1-P1 are unpatched for the following vulnerabilities:

- Denial of service vulnerability that can be triggered when handling a maliciously constructed query or zone request, causing the service to issue unlimited queries in an attempt to follow a delegation (CVE-2014-8500)

- Denial of service vulnerability in the pre-fetch feature that is triggered when the response to a specially crafted DNS query contains particular attributes. (CVE-2014-3214)

- Denial of service vulnerability in EDNS option processing (CVE-2014-3859)

- Denial of service in three unspecified flaws in the GeoIP feature (CVE-2014-8680)

Solution

Updates have been released by the vendor. BIND 9.10.1-P1 fixes this vulnerability. Apply the vendor update, or update to a later version.