| VID |
19008 |
| Severity |
30 |
| Port |
79 |
| Protocol |
TCP,UDP |
| Class |
DNS |
| Detailed Description |
The BIND version has a denial-of-service vulnerability due to a bug in the dns_message_findtype() routine.
BIND (Berkeley Internet Name Daemon) is the most popular a server program that implements the Domain Name Service protocol for Unix and Linux DNS servers. Versions of BIND 9 prior to 9.2.1 have a bug that causes the BIND name server (named) to fail an internal consistency check by a malformed DNS packet requests, causing the name server to shut down.
The internal consistency check that triggers the shutdown occurs when the rdataset parameter to the dns_message_findtype() routine in message.c is not NULL as expected. The condition causes the code to assert an error message and call abort() to shut down the BIND server.
A remote attackers may use this vulnerability to shut down the name servers on the target system. However, this vulnerability will not allow an attacker to execute arbitrary code or write data to arbitrary locations in memory.
* Note : this check item solely relies on the BIND's version number.
* References:
http://online.securityfocus.com/bid/4936
http://online.securityfocus.com/bid/4936 |
| Recommendation |
Apply a patch from your vendor or upgrade to BIND 9.2.1 or later, available from:
http://www.isc.org/products/BIND/bind9.html |
| Related URL |
CVE-2002-0400 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
