The vulnerability of the DNS BIND server, related to insufficient validation of input data, allows attackers to execute DoS attacks.

The vulnerability of the DNS BIND server is related to insufficient validation of input data when processing the stale-answer-client-timeout parameter with a default value of 0, and the use of the CNAME record type in the cache for incoming requests. Exploiting this vulnerability allows an attack...

bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly

A flaw was found in the Bind package, where the resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to 0 and there is a stale CNAME in the cache for an incoming query. By sending specific queries to the resolver, an attacker can cause named...

PT-2022-4939 · Isc +10 · Bind +10

Name of the Vulnerable Software and Affected Versions: BIND versions affected versions not specified Description: The issue is related to a flaw in the resolver code, allowing an attacker to cause the named service to crash by sending specific queries. This can lead to a denial of service DoS...