A denial-of-service vulnerability exists in version 9 of the Internet Software Consortium's (ISC) Berkeley Internet Name Domain (BIND) server. ISC BIND versions 8 and 4 are not affected. Exploiting this vulnerability will cause vulnerable BIND servers to shut down.
BIND is an implementation of the Domain Name System (DNS) that is maintained by the ISC. A vulnerability in Version 9 of BIND exists which may result in the deliberate shutdown of vulnerable BIND servers by arbitrary remote attackers. The shutdown can be caused by a specific DNS packet designed to create an improperly-handled error condition. Because the error condition is correctly detected but is not handled properly, this vulnerability will not allow an intruder to execute arbitrary code or write data to arbitrary locations in memory. The error condition that triggers the shutdown occurs when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL as expected. The condition causes the code to assert an error message and call abort() to shutdown the BIND server.
Exploitation of this vulnerability will cause the vulnerable BIND server to abort and shut down. As a result, the BIND server will not be available unless restarted.
Apply a patch from your vendor or upgrade to BIND 9.2.1. BIND 9.2.1 is available from http://www.isc.org/products/BIND/bind9.html.
Red Hat Inc.
The SCO Group (SCO UnixWare)
Apple Computer Inc.
Compaq Computer Corporation
Sun Microsystems Inc.
Cisco Systems Inc.
Wind River Systems Inc.
The CERT/CC thanks the Internet Software Consortium (ISC) for reporting this vulnerability to us.
This document was written by Ian A. Finlay.