Internet Systems Consortium Security Advisory.
BIND 9: query_addsoa DoS
30 April 2007
Versions affected:
BIND 9.4.0
BIND 9.5.0a1, 9.5.0a2, 9.5.0a3
[BIND 9.5.0* have only been released to BIND Forum members]
Severity: High
Description:
A sequence of queries can cause a recursive nameserver to exit.
While it is unlikely these will occur in normal operation,
an attack can use them to cause the affected versions to exit.
This attack is a denial of service, and does not allow an attacker
to gain control of affected systems.
Workaround:
Disable recursion if it is not required by your configuration.
recursion no;
Fix:
Upgrade to BIND 9.4.1 or BIND 9.5.0a4.
Questions should be addressed to bind9-bugs@isc.org.
CVE: CVE-2007-2241
Revision History:
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Apr 30 21:30:50 2007
This archive was generated by hypermail 2.1.8 : Mon Apr 30 2007 - 21:30:50 AKDT