FreeBSD, Inc. Information for VU#697164

BIND vulnerable to an INSIST failure via sending of multiple recursive queries



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The FreeBSD development team has published FreeBSD Security Advisory FreeBSD-SA-06:20.bind in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

The bind9 FreeBSD port was also updated on 2006-09-06 to include patches for this issue. Users who obtain BIND from the FreeBSD ports collection are encourage to upgrade to this version (or later) of the port.

If you have feedback, comments, or additional information about this vulnerability, please send us email.