CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS
Percentile
94.8%
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative
server, allows remote attackers to cause a denial of service (deadlock and
daemon hang) by sending a query at the time of (1) an IXFR transfer or (2)
a DDNS update.
Author | Note |
---|---|
mdeslaur | 2975. [bug] rbtdb.c:cleanup_dead_nodes_callback() aquired the wrong lock which could lead to server deadlock. [RT #22614] 9.7.1 and later only |