TTCSIRT-093.030218: TT-CSIRT Advisory – BIND Security Updates

The Internet Systems Consortium (ISC) has released a security update stating that a vulnerability in the Berkeley Internet Name Domain (BIND) has been found which, if exploited an attacker, could cause a Denial of Service (DoS) condition.

This vulnerability is caused by a malformed packet BIND erroneously selecting a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn’t contain all of the expected information.