The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DSA-1847-1 | New bind9 packages fix denial of service |
![]() |
USN-808-1 | Bind vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2024-08-07T04:48:51.588Z
Reserved: 2009-02-22T00:00:00
Link: CVE-2009-0696

No data.

Status : Deferred
Published: 2009-07-29T17:30:00.920
Modified: 2025-04-09T00:30:58.490
Link: CVE-2009-0696


No data.