25 Jan
2005
25 Jan
'05
11:06 a.m.
Joe Abley wrote:
Advisories for BIND 9 and BIND 8 follow.
Versions affected: BIND 8.4.4 and 8.4.5 Severity: LOW Exploitable: Remotely Type: denial of service Description:
It is possible to overrun the q_usedns array which is used to track nameservers / addresses that have been queried.
Workaround:
Disable recursion and glue fetching.
Errm, should this really be labelled low severity? -- Juha