You are here

V-204: A specially crafted query can cause BIND to terminate abnormally

July 27, 2013 - 4:35am

Addthis

PROBLEM:

A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query.
 

PLATFORM:

BIND 9.7

ABSTRACT:

A specially crafted query sent to a BIND nameserver can cause it to crash (terminate abnormally).

REFERENCE LINKS:

ISC Knowledge Base
CVE-2013-4854 

IMPACT ASSESSMENT:

High

DISCUSSION:

BIND is an implementation of the Domain Name System (DNS) protocols. Authoritative and recursive servers are equally vulnerable.  Intentional exploitation of this condition can cause a denial of service in all nameservers running affected versions of BIND 9.  Access Control Lists do not provide any protection from malicious clients.In   addition to the named server, applications built using libraries from the affected source distributions may crash with assertion failures triggered in the same fashion.

IMPACT:

A specially crafted DNS query could cause the DNS service to terminate leading to a Denial of Service.  This security issue can be exploited remotely and has been seen in the wild by multiple ISC customers.

SOLUTION:

Upgrade to the patched release most closely related to your current version of BIND.  Open source versions can all be downloaded.  Subscription version customers will be contacted directly by ISC Support regarding delivery. BIND 9 version 9.8.5-P2 BIND 9 version 9.9.3-P2 BIND 9 version 9.9.3-S1-P1 (Subscription version available via DNSco).
 

Addthis