You are here

U-038: BIND 9 Resolver crashes after logging an error in query.c

November 16, 2011 - 8:37am

Addthis

  PROBLEM:

BIND 9 Resolver crashes after logging an error in query.c.

PLATFORM: 

Multiple version of BIND 9. Specific versions under investigation

 ABSTRACT: 

A remote server can cause the target connected client to crash. Organizations across the Internet are reporting crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crash after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))" Multiple versions are reported as being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and working to produce patches which avoid the crash.

 reference  LINKS: 

ISC Advisory: BIND 9
Secunia Advisory: SA46887
Vulnerability Report: ISC BIND 9.6.x
Vulnerability Report: ISC BIND 9.7.x
Vulnerability Report: ISC BIND 9.8.x

 IMPACT ASSESSMENT: 

High

 Discussion: 

A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).

 Impact: 

The vulnerability is caused due to an unspecified error when processing recursive queries. No further information is currently available.
NOTE: The vulnerability is currently being actively exploited.
The vulnerability is reported in version 9.x.

 Solution: 

Restrict access to trusted hosts (a workaround patch is under investigation - a workaround patch is currently being tested.)

 

Addthis