Vigil@nce - ISC BIND: denial of service via findnoqname
June 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can setup a malicious DNS server, and then query an
ISC BIND recursive server, in order to stop it.
Impacted products: BIND, McAfee Email and Web Security, McAfee
Email Gateway
Severity: 2/4
Creation date: 05/06/2013
DESCRIPTION OF THE VULNERABILITY
The ISC BIND server can be configured to accept recursive queries
sent by clients. In this case, it caches the response coming from
remote servers.
However, if the remote zone is not fully signed, the findnoqname()
function of the lib/dns/resolver.c file does not set a variable. A
RUNTIME_CHECK() fatal error then occurs.
An attacker can therefore setup a malicious DNS server, and then
query an ISC BIND recursive server, in order to stop it.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/ISC-BIND-denial-of-service-via-findnoqname-12909