The BlueCat Customer Care team is your single point of contact for technical expertise and best-in-class 24/7/365 product support. We listen. We understand. We care.
A vulnerability has been announced by the ISC (Internet Systems Consortium) - CVE-2014-0591 which affects ISC BIND.
Authoritative name servers using DNSSEC with at least one NSEC3-signed zone.
A specially crafted query against an NSEC3-signed zone can crash DNS.
Because of a defect in handling queries for NSEC3-signed zones, BIND can crash with an "INSIST" failure in name.c when processing queries possessing certain properties. By exploiting this defect an attacker deliberately constructing a query with the right properties could achieve denial of service against an authoritative nameserver serving NSEC3-signed zones.
Affected Adonis Versions:
BlueCat's assessment of CVE-2014-0591 has determined that all supported versions of Adonis are affected. A patch has been released to address the issue for these affected versions.
Please visit Care and review KB-6419 to download the patch and associated release notes.
© 2001-2014 BlueCat Networks - All Rights Reserved - Privacy