TTCSIRT-093.030218: TT-CSIRT Advisory – BIND Security Updates
The Internet Systems Consortium (ISC) has released a security update stating that a vulnerability in the Berkeley Internet Name Domain (BIND) has been found which, if exploited an attacker, could cause a Denial of Service (DoS) condition.
This vulnerability is caused by a malformed packet BIND erroneously selecting a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn’t contain all of the expected information.
Further information on this vulnerability and how it can be fixed can be found at https://kb.isc.org/article/AA-01562/74/CVE-2018-5734 |