BIND denial of service (server crash) caused by receipt of a specific remote dynamic update message.

"

Urgent: this exploit is public. Please upgrade immediately.

Receipt of a specially-crafted dynamic update message to a zone for which the server is the master may cause BIND 9 servers to exit. Testing indicates that the attack packet has to be formulated against a zone for which that machine is a master. Launching the attack against slave zones does not trigger the assert.

This vulnerability affects all servers that are masters for one or more zones – it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround."

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696

Associated Slashdot discussion: http://it.slashdot.org/story/09/07/29/0028231/New-DoS-Vulnerability-In-All-Versions-of-BIND-9