CVE-2006-0987

Name of the Vulnerable Software and Affected Versions ISC BIND versions prior to 9.4.1-P1

Description The issue allows remote attackers to cause a denial of service through traffic amplification via DNS queries with spoofed source IP addresses. This occurs because the default configuration of ISC BIND, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses.

Recommendations For versions prior to 9.4.1-P1, update to version 9.4.1-P1 or later to resolve the issue. As a temporary workaround, consider restricting recursive queries to authorized IP addresses to minimize the risk of exploitation.