BIND Denial of Service vulnerability

A vulnerability has been reported in BIND, which can be exploited by malicious people to cause a Denial of Service, according to Secunia.

When an authoritative server processes a successful IXFR transfer or a dynamic update, there is a small window of time during which the IXFR/update coupled with a query may cause a deadlock to occur.

This deadlock will cause the server to stop processing all requests. A high query rate and/or a high update rate will increase the probability of this condition.

The vulnerability is reported in versions 9.7.1 through 9.7.2-P3.

If you run BIND 9.7.1 or 9.7.2, upgrade to BIND 9.7.3. Earlier versions are not vulnerable.

If you run BIND 9.6.x, 9.6-ESV-Rx, or 9.4-ESV-R4, you do not need to upgrade.