VULNERABILITIES / FIXES - December 05, 2012
by Carol~ - 12/5/12 11:53 AM
ISC BIND DNS64 REQUIRE Assertion Failure Denial of Service Vulnerability
Release Date : 2012-12-05
Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch
Software : ISC BIND 9.8.x, ISC BIND 9.9.x
A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused by an error within the DNS64 IPv6 transition mechanism when handling certain queries, which can be exploited to trigger a REQUIRE assertion and crash the server via a specially crafted DNS query.
Successful exploitation requires that DNS64 is turned on.
The vulnerability is reported in versions 9.8.0 through 9.8.4 and 9.9.0 through 9.9.2.
Update to version 9.8.4-P1 or 9.9.2-P1.
Provided and/or discovered by:
The vendor credits BlueCat Networks.
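
An added exposure check, not part of the original post or the vendor's advisory: it applies the two conditions stated above (a version in 9.8.0 through 9.8.4 or 9.9.0 through 9.9.2, and DNS64 turned on) to a version string and the text of a named.conf. The function names and the sample configuration are constructed for illustration, the version format assumed is the plain "9.x.y" or "9.x.y-Pn" form, and include files are not followed.

```python
import re

# Last affected release per branch, from the advisory (fixed in 9.8.4-P1 and 9.9.2-P1).
LAST_AFFECTED = {(9, 8): 4, (9, 9): 2}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:-P(\d+))?(?![\w.])")
# A dns64 statement has the form: dns64 <prefix>/<length> { ... };
DNS64_RE = re.compile(r"\bdns64\s+[0-9A-Fa-f:.]+/\d+\s*\{")

# Constructed sample configuration, not taken from any real server.
SAMPLE_CONF = """
options {
    directory "/var/named";
    // dns64 2001:db8::/96 { };   (commented out, must be ignored)
    dns64 64:ff9b::/96 {
        clients { any; };
    };
};
"""

def version_affected(version):
    """True if the version string falls inside the advisory's affected ranges."""
    m = VERSION_RE.search(version)
    if m is None:
        raise ValueError("unrecognised version string: %r" % version)
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    patch_level = int(m.group(4) or 0)
    last = LAST_AFFECTED.get((major, minor))
    if last is None:
        return False  # branch is not listed in the advisory
    if patch == last:
        return patch_level == 0  # 9.8.4 is affected, 9.8.4-P1 is the fix
    return patch < last  # older releases are affected whatever their -P level

def dns64_enabled(conf_text):
    """True if an uncommented dns64 statement is present (simplified parsing)."""
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)  # /* ... */ comments
    text = re.sub(r"(//|#).*", "", text)                    # // and # comments
    return DNS64_RE.search(text) is not None

def exposed(version, conf_text):
    """Both conditions from the advisory: affected version and DNS64 turned on."""
    return version_affected(version) and dns64_enabled(conf_text)

if __name__ == "__main__":
    for v in ("BIND 9.8.4", "BIND 9.8.4-P1", "BIND 9.9.1-P4", "BIND 9.9.2-P1"):
        print(v, "exposed" if exposed(v, SAMPLE_CONF) else "not exposed")
```
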