BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bind | Isc | 8.1 (including) | 8.1 (including) |
| Bind | Isc | 8.1.1 (including) | 8.1.1 (including) |
| Bind | Isc | 8.1.2 (including) | 8.1.2 (including) |
| Bind | Isc | 8.2 (including) | 8.2 (including) |
| Bind | Isc | 8.2.1 (including) | 8.2.1 (including) |
| Bind | Isc | 8.2.2 (including) | 8.2.2 (including) |
| Bind | Isc | 8.2.3 (including) | 8.2.3 (including) |
| Bind | Isc | 8.2.4 (including) | 8.2.4 (including) |
| Bind | Isc | 8.2.5 (including) | 8.2.5 (including) |
| Bind | Isc | 8.2.6 (including) | 8.2.6 (including) |
| Bind | Isc | 8.3.0 (including) | 8.3.0 (including) |
| Bind | Isc | 8.3.1 (including) | 8.3.1 (including) |
| Bind | Isc | 8.3.2 (including) | 8.3.2 (including) |
| Bind | Isc | 8.3.3 (including) | 8.3.3 (including) |