ISC BIND is prone to a security-bypass vulnerability and a denial-of- service vulnerability. Successfully exploiting these issues allows remote attackers to crash affected DNS servers, denying further service to legitimate users, bypass certain security restrictions and perform unauthorized actions. Other attacks are also possible. ISC BIND versions 9.7.2 through 9.7.2-P1 are vulnerable.

Vendor updates are available. Please see the references for more information.

• http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
• https://www.securityfocus.com/bid/43573

---

Updated on 2017-03-28