Intrusion Prevention

ISC.BIND.Query.AddSOA.DoS

Description

This vulnerability is in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3. When recursion is enabled, it allows remote attackers to cause a denial of service via a sequence of queries when they are processed by the query_addsoa function.

Affected Products

ISC BIND 9.40, 9.5.0a1, 9.5.0a2, and 9.5.0a3 are vulnerable.

Impact

Denial of Service.

Recommended Actions

Upgrade to BIND 9.4.1 or BIND 9.5.0a4.

CVE References

CVE-2007-2241