PROBLEM:
McAfee Firewall Enterprise ISC BIND Record Handling Lockup Vulnerability
PLATFORM:
Versions 8.2.x prior to 8.2.1P06, and 8.3.x prior to 8.3.0P02
REFERENCE LINKS:
Secunia Advisory SA51050
CVE-2012-5166
McAfee Corporate Knowledge Base
IMPACT ASSESSMENT:
Medium
DISCUSSION:
The vulnerability is caused due to an error when handling queries for certain records and can be exploited to cause the named process to lockup.
IMPACT:
If specific combinations of RDATA are loaded into a nameserver, either via cache or an authoritative zone, a subsequent query for a related record will cause named to lock up.
SOLUTION:
Update to version 8.2.1P06 or 8.3.0P02 when available