Short Name |
DNS:QUERY:ISC-BIND-RPZ-DOS |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
DNS |
Keywords |
ISC BIND RPZ Query Processing Denial of Service |
Release Date |
2017/07/10 |
Update Number |
2952 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
A denial-of-service vulnerability has been reported in ISC BIND. Successful exploitation could lead to denial-of-service conditions.
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.