FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bind -- denial of service vulnerability

Affected packages
bind99 < 9.9.4.2
bind99-base < 9.9.4.2
bind98 < 9.8.6.2
bind98-base < 9.8.6.2
bind96 < 9.6.3.2.ESV.R10.2
bind96-base < 9.6.3.2.ESV.R10.2
9.2 <= FreeBSD < 9.2_3
9.1 <= FreeBSD < 9.1_10
8.4 <= FreeBSD < 8.4_7
8.3 <= FreeBSD < 8.3_14

Details

VuXML ID cb252f01-7c43-11e3-b0a6-005056a37f68
Discovery 2014-01-08
Entry 2014-01-13
Modified 2016-08-09

ISC reports:

Because of a defect in handling queries for NSEC3-signed zones, BIND can crash with an "INSIST" failure in name.c when processing queries possessing certain properties. By exploiting this defect an attacker deliberately constructing a query with the right properties could achieve denial of service against an authoritative nameserver serving NSEC3-signed zones.

References

CVE Name CVE-2014-0591
FreeBSD Advisory SA-14:04.bind
URL https://kb.isc.org/article/AA-01078/74/