ISC BIND Security Bypass Vulnerability


ISC BIND is prone to a security-bypass vulnerability.


The information has been provided by Haixin Duan, Jianping Wu, Jian Jiang and Jinjin Liang of Tsinghua University, Jun Li of University of Oregon, Carlos III of University of Madrid, Kang Li of University of Georgia.
The original article can be found at:


Vulnerable Systems:
 * ISC BIND 9.6 and prior

Successfully exploiting this issue will cause the application to retain domain names resolvable even after the names are removed from the upper level servers.

Vendor Status:
ISC had issued an update for this vulnerability

Patch Availability:

CVE Information:

Disclosure Timeline:
Initial Release: Jun 07 2012

Categories: News