Security updates for the BIND nameserver available
Internet Systems Consortium, Inc. (ISC) has published a vulnerability of their BIND nameserver, which may be exploited to crash a server. The bug is related to the query_addsoa function and can be provoked by sending a specific sequence of manipulated queries to the server. While ISC does not provide more detailed information on this issue, the severity of this problem is rated as critical. Affected versions include BIND 9.4.0, BIND 9.5.0a1, 9.5.0a2, and 9.5.0a3. Version 9.5.0x is not publicly available. Updating to BIND 9.4.1 or BIND 9.5.0a4 will remedy this vulnerability; an alternative workaround is to disable recursion.
- BIND 9: query_addsoa DoS, advisory by ISC
(mba)