Summary
ISC BIND is prone to a remote denial-of-service vulnerability because the application fails to properly handle specially crafted dynamic update requests.
Successfully exploiting this issue allows remote attackers to crash affected DNS servers, denying further service to legitimate users.
Versions prior to BIND 9.4.3-P3, 9.5.1-P3, and 9.6.1-P1 are vulnerable.
Solution
The vendor released an advisory and fixes to address this issue.
Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2009-0696 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities