ISC Information for VU#938617

BIND 9.3.0 vulnerable to denial of service in validator code

Status

Affected

Vendor Statement

Workaround:

Turn off dnssec validation (off by default) at
the options/view level.

    dnssec-enable no;

Fix:
    Upgrade to BIND 9.3.1
    http://www.isc.org/sw/bind/

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References

    None

    Addendum

    US-CERT has no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.