Info

Disclosure

Jan 25, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

BIND contains a flaw that may allow a remote denial of service. The issue is triggered by an error within the authvalidated() function, and will result in loss of availability for the service.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 9.3.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

ISC

BIND

9.3.0

References

Security Tracker: 1012995
Secunia Advisory ID: 14008 14036 15656
CVE ID: 2005-0034 (see also: NVD)
CERT VU: 938617
Other Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:12.bind9.asc http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:023
Vendor Specific Advisory URL: http://www.isc.org/index.pl?/sw/bind/bind-security.php

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218