{"vuid":"VU#718460","idnumber":"718460","name":"ISC BIND denial of service vulnerability","keywords":["ISC","BIND","DoS","denial of service","recursive","nameserver","sequence","queries","query_addsoa"],"overview":"A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system.","clean_desc":"The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). BIND version 9.4.0 contains a vulnerability in the way that the query_addsoa() function is called. A remote attacker with the ability to send a specific sequence of queries to a vulnerable system can cause the nameserver to exit. Note that recursion must be enabled on the nameserver for this vulnerability to be exposed.","impact":"A remote attacker may be able to cause the name server daemon to exit prematurely, thereby causing a denial of service for DNS operations.","resolution":"Upgrade Users who compile their own copies of the affected version of BIND (9.4.0) from the original ISC source code are encouraged to upgrade to BIND version 9.4.1 (or later), which includes a patch for this issue.","workarounds":"Workarounds Disable Recursion\nUsers, particularly those who are not able to upgrade, are encouraged to disable recursion ('recursion no;' set in named.conf) if it is not required by their configuration.","sysaffected":"","thanks":"Thanks to Mark Andrews of the Internet Systems Consortium (ISC) for reporting this vulnerability.","author":"This document was written by Chad R Dougherty.","public":["http://www.isc.org/sw/bind/bind-security.php","http://secunia.com/advisories/25070/"],"cveids":["CVE-2007-2241"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-04-30T00:55:35Z","publicdate":"2007-05-01T00:00:00Z","datefirstpublished":"2007-05-03T14:25:43Z","dateupdated":"2007-07-03T14:13:35Z","revision":13,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"8","cam_population":"5","cam_impact":"8","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"6.9","cam_scorecurrentwidelyknown":"8.4","cam_scorecurrentwidelyknownexploited":"14.4","ipprotocol":"udp","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":6.9,"vulnote":null}