SHARE
CORE IMPACT v10 - Exploits Update (Mon Mar 29 2010)
ISC BIND Dynamic Update Message DoS Exploit Update
Denial of Service/Remote [Solaris]
• Mon Mar 29 2010
A vulnerability has been identified in ISC BIND, which could be exploited by remote attackers to cause a denial of service. This issue is caused due to the "dns_db_findrdataset()" function failing when the prerequisite section of a dynamic update message contains a record of type "ANY" and where at least one RRset for this FQDN exists on the server, which could allow attackers to cause a vulnerable server to exit when receiving a specially crafted dynamic update message sent to a zone for which the server is the master. This update adds more supported platforms to the exploit.
Exploits Vulnerabiltiy: CVE-2009-0696