sig bug

Summary: 
Denial of service in BIND named via malformed SIG records.
CVE: 
CVE-1999-0835
Posting date: 
11 Nov 1999
Program Impacted: 
BIND
Versions affected: 
4.9.5 - 4.9.6, 8.1 - 8.2.1
Severity: 
Serious
Exploitable: 
Remotely
Description: 

Improper validation of SIG record contents can trigger the DNS server crashing resulting in a denial of service attack.

Workarounds: 

None.

Active exploits: 
None known at this time.
Solution: 

Upgrade to BIND 8.2.1 or later

Share this