Severity: Unknown
Affected Package: bind
Summary: named crash handling NSEC3-signed zones
A defect in BIND 9.8's handling of queries for NSEC3-signed zones allowed a remote attacker to crash named via an INSIST assertion failure in query_findclosestnsec3() by sending a crafted DNS query to an authoritative name server serving NSEC3-signed zones, resulting in a denial of service. Authoritative servers not serving NSEC3-signed zones are not affected.
No specific recommendations provided.
Aliases: CVE-2014-0591
Published: January 14, 2014
Last Modified: January 14, 2014