FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bind -- denial of service vulnerability

Affected packages
bind910 < 9.10.2P3
bind99 < 9.9.7P2
0 < bind910-base
0 < bind99-base
9.3 <= FreeBSD < 9.3_21
8.4 <= FreeBSD < 8.4_35

Details

VuXML ID 731cdeaa-3564-11e5-9970-14dae9d210b8
Discovery 2015-07-21
Entry 2015-07-28
Modified 2016-08-09

ISC reports:

An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit.

References

CVE Name CVE-2015-5477
FreeBSD Advisory SA-15:17.bind
URL https://kb.isc.org/article/AA-01272/