ISC BIND Dynamic Update Message DoS Exploit

A vulnerability has been identified in ISC BIND, which could be exploited by remote attackers to cause a denial of service. This issue is caused due to the "dns_db_findrdataset()" function failing when the prerequisite section of a dynamic update message contains a record of type "ANY" and where at least one RRset for this FQDN exists on the server, which could allow attackers to cause a vulnerable server to exit when receiving a specially crafted dynamic update message sent to a zone for which the server is the master.
Vulnerabilty ID: 
CVE-2009-0696
Product Version: 
9.0
Released Date: 
Wednesday, October 28, 2009 - 00:00