CVE-2009-0696
EXPLOITED IN THE WILDISC BIND <9.4.3-P3, 9.5, 9.6 - DoS
Title source: llmDescription
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message.
Exploits (1)
References (37)
... and 17 more
Scores
EPSS
0.2946
EPSS Percentile
96.6%
Details
VulnCheck KEV
2009-07-29
InTheWild.io
2018-10-10
CWE
CWE-16
Status
published
Products (8)
isc/bind
9.4
isc/bind
9.4.0 (13 CPE variants)
isc/bind
9.4.1
isc/bind
9.4.2 (3 CPE variants)
isc/bind
9.4.3 (5 CPE variants)
isc/bind
9.5
isc/bind
9.5.0 (15 CPE variants)
isc/bind
9.6 (11 CPE variants)
Published
Jul 29, 2009
Tracked Since
Feb 18, 2026