SUSE CVE-2019-6465

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones DLZs if the zones are writable Versions affected: BIND 9.9.0 - 9.10.8-P1, 9.11.0 - 9.11.5-P2, 9.12.0 - 9.12.3-P2, and versions 9.9.3-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 o...

bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable

It was found that the controls for zone transfer were not properly applied to Dynamically Loadable Zones DLZs. An attacker acting as a DNS client could use this flaw to request and receive a zone transfer of a DLZ even when not permitted to do so by the "allow-transfer" ACL...