CVE-2005-0034

Description

An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail.

How to fix CVE-2005-0034

To remediate CVE-2005-0034, upgrade the affected package to a fixed version below.

• Debian/bind9—upgrade to 1:9.3.1 or later

Is CVE-2005-0034 being exploited?

Moderate — EPSS is 6.6%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 1:9.3.1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2005-0034