K14204: BIND vulnerability CVE-2011-4313

Security Advisory Description ISC reports that query.c in BIND may allow remote attackers to cause a denial-of-service assertion failure and named exit. The vulnerability uses unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. Th...

bind -- denial of service vulnerability

ISC reports: A query name which is too long can cause a segmentation fault in lwresd...

bind -- denial of service vulnerability

ISC reports: An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c...

bind -- denial of service vulnerability

ISC reports: A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c...

bind -- denial of service vulnerability

ISC reports: Specific APL data could trigger an INSIST in apl42.c...

bind -- denial of service vulnerability

ISC reports: A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query...

dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion

ISC reports: A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns...

dns/bind9* -- Heavy DNSSEC Validation Load Can Cause a 'Bad Cache' Assertion Failure

ISC reports: High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a 'bad cache' data structure before it has been initialized. BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken...