Bug Key Information: Bug ID: #538975 Package: bind9 Summary: bind9 dies with assertion failure (db.c:579) Severity: security Tags: security Fixed Version: bind9 1:9.6.1.dfsg.P1-1, bind9 1:9.5.1.dfsg.P3-1 Key Points About the Vulnerability: Vulnerability Type: bind9 crashes with an assertion failure due to a specially crafted DNS update packet. Impact: The crash occurs specifically when the used FQDN exists on the nameserver. CVE Reference: CVE-2009-0696 Fix Details: The issue was addressed by adding a security update which filters DNS update packets using iptables, mitigating the attack. Patch Release: The fix was included in the Debian package bind9 1:9.6.1.dfsg.P1-1 and later versions. System Information (at the time): - Debian Release: 5.0.2 - Kernel: Linux 2.6.26-1-xen-686 (SMP w/1 CPU core) Resolution Status: The bug is archived, and no further changes can be made.