FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dns/bind9* -- crash on deliberately constructed combination of records

Affected packages
		bind99	<	9.9.1.4
		bind99-base	<	9.9.1.4
		bind98	<	9.8.3.4
		bind98-base	<	9.8.3.4
		bind97	<	9.7.6.4
		bind97-base	<	9.7.6.4
		bind96	<	9.6.3.1.ESV.R7.4
		bind96-base	<	9.6.3.1.ESV.R7.4

Details

VuXML ID	57a700f9-12c0-11e2-9f86-001d923933b6
Discovery	2012-09-26
Entry	2012-10-10

ISC reports:

A deliberately constructed combination of records could cause named to hang while populating the additional section of a response.

[source]

References

CVE Name

CVE-2012-5166

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.