Inverse Query Buffer Overflow in BIND 4.9 and BIND 8 Releases

BIND is a popular open-source DNS server software used to manage domain name system (DNS) records for Internet Protocol version 4 (IPv4). This vulnerability allows an attacker to overflow the buffer of the inverse query function, potentially leading to arbitrary code execution on the server. If your organization uses a BIND server without proper configuration or security measures, this could lead to unauthorized access and potential data breaches.

You're affected if you use Inverse query buffer overflow. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.

1. Upgrade to a patched version of BIND 9 or later: Download the patch from SGI's patches page and follow the instructions.
2. If an upgrade is not possible, implement immediate mitigations:
3. Restrict access to the BIND server using firewall rules or other network security measures.
4. Monitor DNS query logs for suspicious activity.

• patches.sgi.com
• sunsolve.sun.com
• www.securityfocus.com
• www1.itrc.hp.com
• patches.sgi.com
• sunsolve.sun.com
• www.securityfocus.com
• www1.itrc.hp.com