Candidate: CVE-2009-0696
PublicDate: 2009-07-29 17:30:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
 https://ubuntu.com/security/notices/USN-808-1
Description:
 The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before
 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as
 a master server, allows remote attackers to cause a denial of service
 (assertion failure and daemon exit) via an ANY record in the prerequisite
 section of a crafted dynamic update message, as exploited in the wild in
 July 2009.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: high
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_bind9:
upstream_bind9: released (9.6.1)
dapper_bind9: released (1:9.3.2-2ubuntu1.7)
hardy_bind9: released (1:9.4.2.dfsg.P2-2ubuntu0.2)
intrepid_bind9: released (1:9.5.0.dfsg.P2-1ubuntu3.2)
jaunty_bind9: released (1:9.5.1.dfsg.P2-1ubuntu0.1)
devel_bind9: not-affected