IBM Information for VU#196945
ISC BIND 8 contains buffer overflow in transaction signature (TSIG) handling code
[A fix for this vulnerability] can be downloaded from ftp://ftp.software.ibm.com/aix/efixes/security. The compressed tarfile is multiple_bind_vulns_efix.tar.Z. Installation instructions and other important information are given in the README file that is included in the tarball.
The official fix for the four BIND4 and BIND8 vulnerabilities will be in APAR #IY16182.
AIX Security Response Team
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.