| Severity |
|
| Remote |
|
| Type |
|
| Description |
| + |
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. |
|
| References |
| + |
https://kb.isc.org/article/AA-01602/74/CVE-2018-5736 |
|
| Notes |
| + |
Workaround: |
| + |
|
| + |
For servers which must receive notifies to keep slave zone contents current, no complete workarounds are known although restricting BIND to only accept NOTIFY messages from authorized sources can greatly mitigate the risk of attack. |
|