Internet Systems Consortium Information for VU#264212

Recursive DNS resolver implementations may follow referrals infinitely



Vendor Statement

Upgrade to the patched release most closely related to your current version of BIND.  Patched builds of currently supported branches of BIND (9.9 and 9.10) can be downloaded via

    • BIND 9 version 9.9.6-P1
    • BIND 9 version 9.10.1-P1

      Vendor Information

      This vulnerability has been fixed in the latest version of BIND. Users are encouraged to update BIND as soon as possible. This issue in BIND is assigned CVE-2014-8500.

      Vendor References


      There are no additional comments at this time.

      If you have feedback, comments, or additional information about this vulnerability, please send us email.