CVE-2014-3859 Information

Description

libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet as demonstrated by an attack against named dig or delv.

Reference

http://secunia.com/advisories/58946 http://www.securityfocus.com/bid/68193 http://www.securitytracker.com/id/1030414 https://kb.isc.org/article/AA-01166/ https://kb.isc.org/article/AA-01171/