Internet Systems Consortium Information for VU#264212

Recursive DNS resolver implementations may follow referrals infinitely

Status

Affected

Vendor Statement

Upgrade to the patched release most closely related to your current version of BIND.  Patched builds of currently supported branches of BIND (9.9 and 9.10) can be downloaded via http://www.isc.org/downloads

  • BIND 9 version 9.9.6-P1
  • BIND 9 version 9.10.1-P1

    Vendor Information

    This vulnerability has been fixed in the latest version of BIND. Users are encouraged to update BIND as soon as possible. This issue in BIND is assigned CVE-2014-8500.

    Vendor References

    https://kb.isc.org/article/AA-01216/0

    Addendum

    There are no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.