BIND 9: dereferencing freed fetch context

Summary: 
A logic error can cause the named process to exit unintentionally.
CVE: 
CVE-2007-0493
Posting date: 
30 Jan 2007
Program Impacted: 
BIND
Versions affected: 
9.3.0, 9.3.1, 9.3.2, 9.3.3, Alpha and Beta versions of 9.40, Alpha versions of 9.5.0
Severity: 
Low
Exploitable: 
Remotely
Description: 

It is possible for the named to dereference (read) a freed fetch context. This can cause named to exit unintentionally.

Workarounds: 

Disable or restrict recursion (to limit exposure).

Active exploits: 
None known at this time.
Solution: 

Upgrade to BIND 9.2.8, 9.3.4, or 9.4.0, or 9.5.0

Share this