A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to bypass certain security restrictions.
ISC BIND 9.2.x
ISC BIND 9.3.x
ISC BIND 9.4.x
ISC BIND 9.5.x
ISC BIND 9.6.x
ISC BIND 9.7.x
ISC BIND 9.8.x
The vulnerability is caused due to an error within the cache update policy.
Researchers discovered a vulnerability affecting the large majority of popular DNS implementations which allows a malicious domain name to stay resolvable long after it has been removed from the upper level servers. The issue, which is in all versions of BIND 9, exploits a vulnerability in DNS cache update policy, which prevents effective domain name revocation. Attackers could cause a malicious domain name to be continuously resolvable even after the delegated data has been deleted from the domain registry and after the TTL associated with entry supposedly expires
Remote security Bypass
The vendor is currently working a fix.