CVE-2005-0034
BIND 9.3.0 - Denial of Service via DNSSEC Validation Failure
Title source: llmDescription
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail.
References (9)
Core 9
Core References
Vendor Advisory vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2005/0003/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12365
Various Sources x_refsource_confirm
http://www.isc.org/index.pl?/sw/bind/bind9.php
Patch x_refsource_misc
http://www.uniras.gov.uk/niscc/docs/al-20050125-00060.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14008
Patch x_refsource_confirm
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Patch, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/938617
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1012995
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19062
Scores
EPSS
0.0664
EPSS Percentile
91.3%
Details
Status
published
Products (1)
isc/bind
9.3.0
Published
May 02, 2005
Tracked Since
Feb 18, 2026