PT-2011-4926 · ISC · ISC BIND

Published: 2011-11-17 · Updated: 2024-06-15 · CVE-2011-4313

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

ISC BIND versions 9.0.x through 9.6.x
ISC BIND versions 9.4-ESV through 9.4-ESV-R5
ISC BIND versions 9.6-ESV through 9.6-ESV-R5
ISC BIND versions 9.7.0 through 9.7.4
ISC BIND versions 9.8.0 through 9.8.1
ISC BIND versions 9.9.0a1 through 9.9.0b1

Description

The issue allows remote attackers to cause a denial of service via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. This can lead to an assertion failure and the named service exiting.

Recommendations

For each affected range (ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1), update to a version outside of the affected range to resolve the issue.

As a temporary workaround, consider restricting recursive DNS queries to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2011-4313
DSA-2347-1
HPSBUX02729
OPENSUSE-SU-2024:10467-1
RHSA-2011:1458
RHSA-2011:1459
RHSA-2011:1496
RHSA-2011_1458
RHSA-2011_1459
RHSA-2011_1496
SUSE-SU-2015:0480-1

Affected Products

BIND Server
HP-UX
ISC BIND
Red Hat