FreeBSD Information for VU#715973

ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"


Not Affected

Vendor Statement

All versions of FreeBSD after 4.0-RELEASE (namely 4.1-RELEASE,
4.1.1-RELEASE and the forthcoming 4.2-RELEASE) are not vulnerable to
this bug since they include versions of BIND 8.2.3. FreeBSD
4.0-RELEASE and earlier are vulnerable to the reported problems since
they include an older version of BIND, and an update to a
non-vulnerable version is scheduled to be committed to FreeBSD
3.5.1-STABLE in the next few days.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



FreeBSD has released the following advisory regarding this issue: