ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
BIND 9.6-ESV-R1 through versions 9.6-ESV-R7-P1
BIND 9.7.1 through versions 9.7.6-P1
BIND 9.8.0 through versions 9.8.3-P1
BIND 9.9.0 through versions 9.9.1-P1
ISC BIND is prone to a denial-of-service vulnerability.
When DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
An attacker can exploit this issue to cause an assertion failure in the 'named' process, denying service to legitimate users. This issue may also be exploited to disclose certain memory information to clients.