ISC BIND DNAME Response Processing Denial of Service (CVE-2016-8864)

A denial of service vulnerability has been reported in ISC BIND. The vulnerability is due to a flaw processing recursive DNAME responses that can cause the target resolver to crash. A remote, unauthenticated attacker could exploit this vulnerability against DNS servers that perform recursive queries by providing responses with a crafted DNAME answer. Successful exploitation could lead to a denial-ofservice.

Leave a Reply