FreeBSD Information for VU#715973
ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"
- Vendor Information Help Date Notified: 12 Nov 2000
- Statement Date:
- Date Updated: 11 May 2001
All versions of FreeBSD after 4.0-RELEASE (namely 4.1-RELEASE,
4.1.1-RELEASE and the forthcoming 4.2-RELEASE) are not vulnerable to
this bug since they include versions of BIND 8.2.3. FreeBSD
4.0-RELEASE and earlier are vulnerable to the reported problems since
they include an older version of BIND, and an update to a
non-vulnerable version is scheduled to be committed to FreeBSD
3.5.1-STABLE in the next few days.
The vendor has not provided us with any further information regarding this vulnerability.
FreeBSD has released the following advisory regarding this issue:
If you have feedback, comments, or additional information about this vulnerability, please send us email.