ISC BIND DNS 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
Please check the ISC knowledgebase for further information (opens in new window).posted on January 25, 2013 by
Leave a Comment
CVE-2012-5689: BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ
About Paul RobertsPaul has spent his entire career within the IT industry and since 1997 has been deploying DNS, DHCP and IPAM solutions globally. Paul is a regular guest speaker at exhibitions and seminars.
