CVE-2016-1284

Name of the Vulnerable Software and Affected Versions ISC BIND 9 Supported Preview Edition versions 9.9.8-S through 9.9.8-S4

Description The issue exists due to insufficient input validation in the DNS server. It can be exploited by a remote attacker to cause a denial of service, resulting in an "Assertion failure" error and termination of the daemon. This can be achieved by sending a specially crafted query with flag values.

Recommendations For ISC BIND 9 Supported Preview Edition versions 9.9.8-S through 9.9.8-S4, update to version 9.9.8-S5 or later to resolve the issue. As a temporary workaround, consider disabling the nxdomain-redirect feature until a patch is available.