CVE-2005-0033

Name of the Vulnerable Software and Affected Versions BIND versions 8.4.4 through 8.4.5

Description A buffer overflow issue exists in the code for recursion and glue fetching, allowing remote attackers to cause a denial of service by crashing the system via queries that trigger the overflow in the q usedns array, which tracks nameservers and addresses.

Recommendations For BIND versions 8.4.4 through 8.4.5, consider restricting access to the recursion and glue fetching functionality until a patch is available. As a temporary workaround, limit the use of the q usedns array to prevent the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.