Check Point Advisories

ISC BIND RRSIG RRsets Denial of Service (CVE-2011-1910)

Check Point Reference: CPAI-2011-110
Date Published: 15 Jul 2011
Severity: Critical
Last Updated: Thursday 25 August, 2011
Source:
Secunia Advisory: 44719
Industry Reference:

CVE-2011-1910

Protection Provided by:
Who is Vulnerable? ISC BIND 9.4.x prior to 9.4-ESV-R4-P1
ISC BIND 9.6.x prior to 9.6-ESV-R4-P1
ISC BIND 9.7.x priro to 9.7.3-P1
ISC BIND 9.8.x prior to 9.8.0-P2
Vulnerability Description A denial of service vulnerbality has been reported in ISC BIND's name server process (named). BIND (Berkeley Internet Name Domain) is an implementation of the DNS protocol and provides an openly redistributable reference implementation of the major components of the Domain Name System. Successful exploitation of this vulnerability may lead to a DoS condition, possibly causing the server to become unresponsive.
Vulnerability DetailsThe vulnerability is due to a flaw in BIND processing of certain DNSSEC messages. A remote attacker could trigger this flaw by querying a targeted caching resolver for non-existent names.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK