CVE-2014-3214

Name of the Vulnerable Software and Affected Versions ISC BIND version 9.10.0

Description The issue concerns the prefetch function in named when the recursive nameserver is enabled. It allows a remote attacker to cause a denial of service by triggering a response with unspecified attributes through a DNS query, leading to a REQUIRE assertion failure and the termination of the daemon.

Recommendations For ISC BIND version 9.10.0, consider disabling the recursive nameserver feature as a temporary workaround until a patch is available. Restrict access to the prefetch function to minimize the risk of exploitation. Avoid using the prefetch feature in the affected DNS query until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.