This vulnerability can cause affected DNS servers running named to go into an infinite loop, thus preventing further name requests to be handled. This can happen if an SRV record (defined in RFC2782) is sent to the vulnerable server.
Microsoft's Windows 2000 Active Directory service makes extensive use of SRV records and is reportedly capable of triggering this bug in the course of normal operations. This is not, however, a vulnerability in Microsoft Active Directory. Any network client capable of sending SRV records to vulnerable name server systems can exercise this vulnerability.
Upgrade to BIND 8.2.2-p7 or later
- BIND 10
- Other Software Projects
- security advisories
- software forums
- ABOUT ISC