ISC Security Advisories

Reporting security issues:

If you need to report a security issue with any ISC product or service, please do so here.  For some additional guidance on the latest security advisories see these: DHCP or BIND.  This Matrix contains BIND 9 Security advisories and which versions are affected.

As of Oct, 2010 ISC is now using the CVSS, a program of first.org and NIST, to determine the severity of potential security issues. Here is our CVSS scoring guideline chart.

Please see our Security Vulnerabilty Disclosure Policy for details on how we publish security vulnerabilities.

A Vulnerability in libdns Could Cause Excessive Memory Use in ISC DHCP 4.2

Summary: 
A memory exhaustion bug has been discovered in libdns, which is used by ISC DHCP 4.2. Theoretically this could be exploited to cause memory exhaustion in ISC DHCP 4.2.
CVE: 
CVE-2013-2494
Document Version: 
1.0
Posting date: 
26 Mar 2013
Program Impacted: 
DHCP
Versions affected: 
4.2.0 -> 4.2.5
Severity: 
Low
Exploitable: 
from adjacent networks

A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

Summary: 
A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns.
CVE: 
CVE-2013-2266
Document Version: 
1.0
Posting date: 
26 Mar 2013
Program Impacted: 
BIND
Versions affected: 
"Unix" versions of 9.7.x, 9.8.0 -> 9.8.5b1, 9.9.0 -> 9.9.3b1. (Windows versions are not affected)
Severity: 
Critical
Exploitable: 
Remotely

BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ

Summary: 
ISC has learned of the potential for an error condition to occur in BIND 9 that can cause a nameserver to terminate with an assertion failure when processing queries if it has been configured to use both DNS64 and Response Policy Zones (RPZ). Please see the full advisory at https://kb.isc.org/article/AA-00855 for details.
CVE: 
CVE-2012-5689
Document Version: 
2.0
Posting date: 
24 Jan 2013
Program Impacted: 
BIND
Versions affected: 
9.8.0->9.8.4-P1, 9.9.0->9.9.2-P1
Severity: 
Low
Exploitable: 
remotely

BIND 9 Servers Using DNS64 Can Be Crashed By A Deliberately Crafted Query

Summary: 
A specific query can cause BIND nameservers using DNS64 to exit with a REQUIRE assertion failure. BIND nameservers that are not using DNS64 are not at risk.
CVE: 
CVE-2012-5688
Document Version: 
2.0
Posting date: 
04 Dec 2012
Program Impacted: 
BIND
Versions affected: 
9.8.0->9.8.4, 9.9.0->9.9.2
Severity: 
Critical
Exploitable: 
remotely

Specially Crafted DNS Data Can Cause a Lockup in named

Summary: 
A nameserver can be locked up if it can be induced to load a specially-crafted combination of resource records.
CVE: 
CVE-2012-5166
Document Version: 
2.0
Posting date: 
09 Oct 2012
Program Impacted: 
BIND
Versions affected: 
Pre-9.6, 9.6-ESV->9.6-ESV-R7-P3, 9.7.0->9.7.6-P3, 9.8.0->9.8.3-P3, 9.9.0->9.9.1-P3
Severity: 
Critical
Exploitable: 
remotely

Reducing the Expiration Time for an IPv6 Lease May Cause the Server to Crash

Summary: 
ISC has discovered that reducing the expiration time for an active IPv6 lease may cause the server to crash.
CVE: 
CVE-2012-3955
Document Version: 
2.0
Posting date: 
12 Sep 2012
Program Impacted: 
DHCP
Versions affected: 
4.1.x, 4.2.x
Severity: 
Medium
Exploitable: 
Remotely

A Specially Crafted Resource Record Could Cause named to Terminate

Summary: 
If a record with RDATA in excess of 65535 bytes is loaded into a nameserver, a subsequent query for that record will cause named to exit with an assertion failure.
CVE: 
CVE-2012-4244
Document Version: 
2.0
Posting date: 
12 Sep 2012
Program Impacted: 
BIND
Versions affected: 
9.0.x -> 9.9.1-P2
Severity: 
Critical
Exploitable: 
Remotely

Memory Leaks Found in ISC DHCP

Summary: 
Two memory leaks have been found and fixed in ISC DHCP. Both are reproducible when running in DHCPv6 mode (with the -6 command-line argument.) The first leak is confirmed to only affect servers operating in DHCPv6 mode, but based on initial code analysis the second may theoretically affect DHCPv4 servers (though this has not been demonstrated.)
CVE: 
CVE-2012-3954
Document Version: 
2.1
Posting date: 
24 Jul 2012
Program Impacted: 
DHCP
Versions affected: 
4.1.x and 4.2.x
Severity: 
Medium
Exploitable: 
locally

High TCP Query Load Can Trigger a Memory Leak in BIND 9

Summary: 
Under heavy incoming TCP query loads named experiences a memory leak which may lead to significant reductions in query response performance. Additionally, this can trigger an automatic shutdown if named is running on a system that kills out-of-memory processes.
CVE: 
CVE-2012-3868
Document Version: 
2.1
Posting date: 
24 Jul 2012
Program Impacted: 
BIND
Versions affected: 
9.9.0 through 9.9.1-P1
Severity: 
High
Exploitable: 
Remotely

An Error in the Handling of an Unexpected Client Identifiers can Cause Server Crash When Serving DHCPv6

Summary: 
An error in the handling of an unexpected client identifiers can cause a server crash when serving DHCPv6.
CVE: 
CVE-2012-3570
Document Version: 
2.1
Posting date: 
24 Jul 2012
Program Impacted: 
DHCP
Versions affected: 
4.2.0 --> 4.2.4
Severity: 
High
Exploitable: 
Adjacent networks
Share this