oss-sec mailing list archives

DoS vulnerability in the BIND resolver (and potentially others)

From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 13 Jan 2013 11:26:17 +0100

Scott Brynen described a behavioral change in some of the UltraDNS
authorative name servers:

<https://lists.dns-oarc.net/pipermail/dns-operations/2013-January/009501.html>

Mark Andrews of ISC confirmed that this triggers a denial of service
condition in the BIND recursive resolver:

<https://lists.dns-oarc.net/pipermail/dns-operations/2013-January/009506.html>

I think he is right, but this obviously has to be fixed in the
resolver.  Can this be assigned a CVE?

Current thread:

DoS vulnerability in the BIND resolver (and potentially others) Florian Weimer (Jan 13)
- Re: DoS vulnerability in the BIND resolver (and potentially others) Kurt Seifried (Jan 13)
- Re: DoS vulnerability in the BIND resolver (and potentially others) Solar Designer (Jan 13)