[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Strange Bind 9 crash (lenny, squeeze)

On Fri, May 27, 2011 at 10:04, mailing@securitylabs.it <mailing@securitylabs.it> wrote:
On 26/05/2011 22:53, Jan Ingvoldstad wrote:

At $workplace, two of our internal, caching DNS servers, running Bind
9 experienced crashes in quick order today.

Hello, may be it has something related to this?

*Summary:* A BIND 9 DNS server set up to be a caching resolver is
vulnerable to a user querying a domain with very large resource record
sets (RRSets) when trying to negatively cache a response. This can
cause the BIND 9 DNS server (named process) to crash.

*Document ID:* CVE-2011-1910

Yes, that one might be relevant. Thanks!

*Exploit Status:* High. This issue has caused un-intentional outages.

Indeed. :)


Reply to: