Internet Systems Consortium Security Advisory: BIND: Self Check Failing

[Mark Andrews]

		Internet Systems Consortium Security Advisory.
			BIND: Self Check Failing
			     18 November 2004

        Versions affected:
                BIND 9.3.0
        Severity: LOW
        Exploitable: Remotely
        Type: denial of service
	Description:

		An incorrect assumption in the validator (authvalidated)
		can result in a REQUIRE (internal consistancy) test failing
		and named exiting.

	Workaround:

		Turn off dnssec validation (off by default) at
		the options/view level.

			dnssec-enable no;

	Fix:

		Upgrade to BIND 9.3.1
		http://www.isc.org/sw/bind/

	See also:
		http://www.kb.cert.org/vuls/id/938617