name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
AV:N/AC:L/Au:N/C:N/I:N/A:CIsc Bind
APPIsc9.10.09.10.19.10.29.7.09.7.19.7.29.7.39.7.49.7.59.7.69.7.79.8.09.8.19.8.29.8.3+ 11 więcej
Related vulnerabilities
Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives...
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessi...
A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 vers...
Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Inte...
A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domai...