The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 prior to 9.4.3-P3, 9.5 prior to 9.5.1-P3, and 9.6 prior to 9.6.1-P1, when configured as a master server, allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind 9.6.1 |
||
isc bind 9.6 |
||
isc bind 9.6.0 |
||
isc bind 9.5.0 |
||
isc bind 9.4.3 |
||
isc bind 9.4.2 |
||
isc bind 9.4.0 |
||
isc bind 9.4 |
||
isc bind 9.5 |
||
isc bind 9.4.1 |