ISC Security Advisories

Reporting security issues:

If you need to report a security issue with any ISC product or service, please do so here.  For some additional guidance on the latest security advisories see these: DHCP or BIND.  This Matrix contains BIND 9 Security advisories and which versions are affected.

As of Oct, 2010 ISC is now using the CVSS, a program of first.org and NIST, to determine the severity of potential security issues. Here is our CVSS scoring guideline chart.

Please see our Security Vulnerabilty Disclosure Policy for details on how we publish security vulnerabilities.

An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers

Summary: 
An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers.
CVE: 
CVE-2012-3571
Document Version: 
2.1
Posting date: 
24 Jul 2012
Program Impacted: 
DHCP
Versions affected: 
4.2.0 (including 4.2.x-Px) to 4.2.4; 4.1-ESV through 4.1-ESV-R5; 4.1.2, 4.1.2-P1
Severity: 
High
Exploitable: 
locally

Heavy DNSSEC Validation Load Can Cause a "Bad Cache" Assertion Failure in BIND9

Summary: 
High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a "bad cache" data structure before it has been initialized.
CVE: 
CVE-2012-3817
Document Version: 
2.2
Posting date: 
24 Jul 2012
Program Impacted: 
BIND
Versions affected: 
9.6-ESV-R1--> 9.6-ESV-R7-P1; 9.7.1 --> 9.7.6-P1; 9.8.0 --> 9.8.3-P1; 9.9.0 --> 9.9.1-P1
Severity: 
Critical
Exploitable: 
Remotely

Handling of zero length rdata can cause named to terminate unexpectedly

Summary: 
Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them.
CVE: 
CVE-2012-1667
Document Version: 
1.4
Posting date: 
04 Jun 2012
Program Impacted: 
BIND
Versions affected: 
9.0.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1, 9.6-ESV->9.6-ESV-R7, 9.7.0->9.7.6, 9.8.0->9.8.3, 9.9.0->9.9.1
Severity: 
Critical
Exploitable: 
Remotely

Ghost Domain Names: Revoked Yet Still Resolvable

Summary: 
After completing our analysis of the DNS exploit reported by Professor Haixin Duan of Tsinghua University, ISC has determined that the behavior he describes, while verifiable, is due to design issues in the DNS protocol. No immediate steps are planned to address the issue. Further information concerning the implications of the reported vulnerability can be found in the complete problem description below.
CVE: 
CVE-2012-1033
Document Version: 
2.1
Posting date: 
07 Feb 2012
Program Impacted: 
BIND
Versions affected: 
All versions of BIND 9
Severity: 
High
Exploitable: 
remotely

An Error in DDNS Processing of DHCPv6 Leases Can Cause a Crash in ISC dhcpd

Summary: 
Improper handling of Dynamic DNS information associated with DHCPv6 leases can cause a segmentation fault in ISC DHCP servers using IPv6 and Dynamic DNS, resulting in denial of service to clients.
CVE: 
CVE-2011-4868
Document Version: 
1.2
Posting date: 
12 Jan 2012
Program Impacted: 
DHCP
Versions affected: 
4.2.2, 4.2.3, 4.2.3-P1
Severity: 
High
Exploitable: 
remotely

Security Advisory - DHCP Regular Expressions Segfault

Summary: 
Segmentation fault from dhcpd while processing an evaluated regular expression
CVE: 
CVE-2011-4539
Document Version: 
1.2
Posting date: 
07 Dec 2011
Program Impacted: 
DHCP
Versions affected: 
4.0.x and higher, including all EOL versions back to 4.0, 4.1-ESV, and 4.2.x
Severity: 
Medium
Exploitable: 
remotely

BIND 9 Resolver crashes after logging an error in query.c

Summary: 
Organizations across the Internet reported crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crashed after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))" Multiple versions were reported being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and has produced patches which prevent the crash. Further information will be made available soon.
CVE: 
CVE-2011-4313
Document Version: 
2.0.1
Posting date: 
16 Nov 2011
Program Impacted: 
BIND
Versions affected: 
BIND 9.0.x -> 9.6.x , 9.4-ESV->9.4-ESV-R5, 9.6-ESV->9.6-ESV-R5, 9.7.0->9.7.4, 9.8.0->9.8.1, 9.9.0a1->9.9.0b1
Severity: 
Serious
Exploitable: 
Remotely

ISC DHCP Server Halt

Summary: 
Two issues have been found in DHCP that could allow an attacker to cause the server to halt.
CVE: 
CVE-2011-2748
Document Version: 
1.1
Posting date: 
10 Aug 2011
Program Impacted: 
DHCP
Versions affected: 
3.1.0 through 3.1-ESV-R1 (R2 never released) 4.0 all versions (EOL) 4.1.0 through 4.1.2rc1 4.1-ESV through 4.1-ESV-R3b1 4.2.0 through 4.2.2rc1 All End-of-Life versions of DHCP server are likely to be affected and ISC recommends upgrading to supported versions.
Severity: 
High
Exploitable: 
Remotely

ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers

Summary: 
A specially constructed packet will cause BIND 9 ("named") to exit, affecting DNS service.
CVE: 
CVE-2011-2464
Document Version: 
2.1
Posting date: 
05 Jul 2011
Program Impacted: 
BIND
Versions affected: 
9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, 9.8.1b1
Severity: 
High
Exploitable: 
Remotely

ISC BIND 9 Remote Crash with Certain RPZ Configurations

Summary: 
Two defects were discovered in ISC's BIND 9 code. These defects only affect BIND 9 servers which have recursion enabled and which use a specific feature of the software known as Response Policy Zones (RPZ) and where the RPZ zone contains a specific rule/action pattern.
CVE: 
CVE-2011-2465
Document Version: 
2.1
Posting date: 
05 Jul 2011
Program Impacted: 
BIND
Versions affected: 
9.8.0, 9.8.0-P1, 9.8.0-P2 and 9.8.1b1 Other versions of BIND 9 not listed here are not vulnerable to this problem.
Severity: 
High
Exploitable: 
Remotely
Share this