BIND 9: query_addsoa DoS

Summary: 
A sequence of queries can cause a recursive nameserver to exit, disabling name service.
CVE: 
CVE-2007-2241
CERT: 
VU#718460
Posting date: 
30 Apr 2007
Program Impacted: 
BIND
Versions affected: 
9.4.0 and Alpha releases of 9.5.0
Severity: 
High
Exploitable: 
Remotely
Description: 

A sequence of queries can cause a recursive nameserver to exit. While it is unlikely that these queries will occur in normal operation, an attacker can send them to cause the affected versions to exit. This attack is a denial of service and does not allow an attacker to gain control of affected systems.

Workarounds: 

Disable recursion (set 'recursion no;' in named.conf) if your configuration does not require it.

Active exploits: 
None known at this time.
Solution: 

Upgrade to BIND 9.4.1 or BIND 9.5.0.
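
A local check for the two conditions this advisory names, a listed version and recursion left enabled, as an added example that is not ISC's code. It assumes pre-release version strings carry a suffix such as `a3` (as in `9.5.0a3`); the function names and the sample named.conf are constructed for illustration.

```python
import re

_VERSION = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([-\w]*)")
# Quoted strings are matched first so "//" or "#" inside a path is not cut.
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# Must not match allow-recursion or other hyphenated option names.
_RECURSION = re.compile(r"(?<![\w-])recursion\s+(\w+)\s*;", re.I)

# Constructed sample configuration (not from the advisory).
SAMPLE_CONF = '''
options {
    directory "/var/named";   // constructed sample
    # recursion yes;
    recursion no;
};
'''

def listed_as_affected(version_text):
    """True only for releases the advisory lists: 9.4.0 and 9.5.0 alphas."""
    m = _VERSION.search(version_text)
    if m is None:
        raise ValueError("no BIND version found in %r" % version_text)
    release = tuple(int(x) for x in m.group(1, 2, 3))
    suffix = m.group(4).lower()   # assumed form: a1, b2, rc1, -p1
    if release == (9, 4, 0):
        return suffix == ""
    if release == (9, 5, 0):
        return suffix.startswith("a")
    return False

def recursion_disabled(conf_text):
    """True if every 'recursion' statement (options or view) turns it off."""
    stripped = _TOKEN.sub(
        lambda m: m.group(0) if m.group(0).startswith('"') else " ", conf_text)
    values = [v.lower() for v in _RECURSION.findall(stripped)]
    # With no statement at all, BIND's default (recursion yes) applies.
    return bool(values) and all(v in ("no", "false", "0") for v in values)

def needs_action(version_text, conf_text):
    """Listed version with recursion still on: upgrade or apply the workaround."""
    return listed_as_affected(version_text) and not recursion_disabled(conf_text)
```

Feed it the output of `named -v` and the contents of named.conf. A False from `listed_as_affected` means only that the advisory does not list that release.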
