ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)

  Severity: CRITICAL

  DESCRIPTION

A denial-of-service vulnerability has been reported in BIND. The vulnerability is due to improper parsing of incoming responses, allowing malformed records to be accepted by BIND when they should not be accepted. A remote, unauthenticated attacker could exploit this vulnerability against DNS servers that perform recursive queries by crafting responses with an improper class attribute. Successful exploitation could lead to denial-of service.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1007465