FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dns/bind9* -- A recursive resolver can be crashed by a query for a malformed zone

Affected packages
9.9.3 < bind99 <
9.9.3 < bind99-base <
9.8.5 < bind98 <
9.8.5 < bind98-base < < bind96 < < bind96-base <


VuXML ID 72f35727-ce83-11e2-be04-005056a37f68
Discovery 2013-06-04
Entry 2013-06-06
Modified 2013-06-07

ISC reports:

A bug has been discovered in the most recent releases of BIND 9 which has the potential for deliberate exploitation as a denial-of-service attack. By sending a recursive resolver a query for a record in a specially malformed zone, an attacker can cause BIND 9 to exit with a fatal "RUNTIME_CHECK" error in resolver.c.


CVE Name CVE-2013-3919