BIND 9: query_addsoa DoS
A sequence of queries can cause a recursive nameserver to exit. While it is unlikely these will occur in normal operation, an attack can use them to cause the affected versions to exit. This attack is a denial of service, and does not allow an attacker to gain control of affected systems.
Disable recursion ('recursion no;' set in named.conf) if it is not required by your configuration.
Upgrade to BIND 9.4.1 or BIND 9.5.0.
- BIND 10
- Other Software Projects
- security advisories
- software forums
- ABOUT ISC