PT-2003-1950 · Isc+1 · Bind+1

Published 2003-12-02 · Updated 2018-10-30 · CVE-2003-0914

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

ISC BIND versions 8.3.x through 8.3.6
ISC BIND versions 8.4.x through 8.4.2

Description

The issue allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL value. To exploit this, an attacker must configure a name server to return authoritative negative responses for a given target domain. The attacker must then convince a victim user to query the maliciously configured name server, which will reply with an authoritative negative response containing a large TTL value. This causes the victim's site, if running a vulnerable version of BIND 8, to cache the negative response, rendering the target domain unreachable until the TTL expires.

Recommendations

For ISC BIND versions 8.3.x through 8.3.6, update to version 8.3.7 or later.
For ISC BIND versions 8.4.x through 8.4.2, update to version 8.4.3 or later.
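
For inventory triage, the affected ranges and fixed releases above can be applied to version banners collected from name servers. The following is an added example, not part of the original advisory; the banner strings are constructed samples, and the banner format (a dotted version optionally followed by a suffix such as `-REL`) is an assumption.

```python
import re

# Affected branches from the advisory: (last vulnerable patch level, first fixed release).
AFFECTED = {
    (8, 3): (6, "8.3.7"),  # 8.3.x through 8.3.6
    (8, 4): (2, "8.4.3"),  # 8.4.x through 8.4.2
}

# First dotted number in the banner, e.g. "named 8.3.4-REL" -> 8.3.4
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+))?")


def parse_bind_version(banner):
    """Return (major, minor, patch), or None when the banner carries no version."""
    m = VERSION_RE.search(banner or "")
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def triage(banner):
    """Classify a banner as 'affected', 'not-listed' or 'unknown'."""
    version = parse_bind_version(banner)
    if version is None:
        # Banner hidden or overridden by the operator: check the host directly.
        return "unknown", None
    branch = AFFECTED.get(version[:2])
    if branch and version[2] <= branch[0]:
        return "affected", branch[1]
    # Outside the ranges this advisory names; this is not a statement of safety.
    return "not-listed", None


if __name__ == "__main__":
    # Constructed sample banners (assumed format, not captured from real hosts).
    samples = ["named 8.3.4-REL", "8.4.2-REL", "8.4.3-REL", "8.3.7-REL",
               "BIND 9.2.3", "none of your business"]
    for banner in samples:
        status, fixed = triage(banner)
        note = f" -> update to {fixed} or later" if fixed else ""
        print(f"{banner!r}: {status}{note}")
```

A banner can be changed by the server operator, so an "unknown" or "not-listed" result should be confirmed against the installed package version.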

Fix

Related identifiers

CVE-2003-0914
DSA-409

Affected products

Bind
Bind Server