ISC BIND SIG Cached Resource Record Buffer Overflow Vulnerability

ISC BIND SIG Cached Resource Record Buffer Overflow Vulnerability

It has been reported that DNS servers, running BIND with recursive DNS functionality enabled, are prone to a buffer overflow condition.

An attacker-controlled authoritative DNS server may cause BIND to cache information into an internal database, when recursion is enabled. A buffer overflow vulnerability exists when the DNS server constructs a response to a client request for cached information.

Exploitation of this issue could result in the execution of arbitrary attacker-supplied code with the privileges of the vulnerable BIND daemon.

It should be noted that recursive DNS functionality is enabled by default.