ISC BIND SIG Cached Resource Record Buffer Overflow Vulnerability

It has been reported that DNS servers, running BIND with recursive DNS functionality enabled, are prone to a buffer overflow condition.

An attacker-controlled authoritative DNS server may cause BIND to cache information into an internal database, when recursion is enabled. A buffer overflow vulnerability exists when the DNS server constructs a response to a client request for cached information.

Exploitation of this issue could result in the execution of arbitrary attacker-supplied code with the privileges of the vulnerable BIND daemon.

It should be noted that recursive DNS functionality is enabled by default.


Privacy Statement
Copyright 2010, SecurityFocus