Name Server Operations Guide for BIND Release 4.9.5 : Security : Denial of Service: Hash Bug Exploit
Previous: Insertion of data into a zone that is being servered
Next: Denial of Service: TTL Inconsistency Attacks

3.3. Denial of Service: Hash Bug Exploit

September 1996 saw the COM TLD subject to a denial of service attack by injecting into the DNS a record with a final label of COM, eight spaces and COM. This effected BIND 4.9.4 servers. Similar attacks are possible on BIND 4.9.3 and BIND 4.9.3-P1.

It is recommend that you run a BIND 4.9.4-P1 or later server to avoid this exploit.


Name Server Operations Guide for BIND Release 4.9.5 : Security : Denial of Service: Hash Bug Exploit
Previous: Insertion of data into a zone that is being servered
Next: Denial of Service: TTL Inconsistency Attacks