Article ID: 123953, created on Dec 16, 2014, last review on Jun 17, 2016

  • Applies to:
  • Operations Automation
  • Plesk
  • Virtuozzo
  • Virtual Automation
  • H-Sphere

Failure to place limits on delegation chaining can allow an attacker to crash BIND or cause memory exhaustion.


By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service (up to and including termination of the named server process.).

Additional information: BIND: CVE-2014-8500: A Defect in Delegation Handling Can Be Exploited to Crash BIND


All recursive resolvers are affected. Authoritative servers can be affected if an attacker can control a delegation traversed by the authoritative server in servicing the zone.


To close the vulnerability, BIND upgrade is required.

Call to Action

Upgrade BIND to the patched release most closely related to your current version. All the OS vendors already fixed bind packages in their OS repositories:

For CentOS/RedHat systems:

# yum update bind

For Debian/Ubuntu systems:

# apt-get install bind9

For a product installed in a Parallels Server Virtualization environment:

To update bind in all containers in a batch, please check article #123952

Parallels takes the security of our customers very seriously and encourages you to take the recommended actions as soon as possible.

We also strongly encourage you to stay connected to Parallels for important product-related information via these methods:

Search Words

bind crash

Cannot execute the remote command. Please, make sure that the hostname and password are correct


f213b9fa8759d57bee5d547445806fe7 6311ae17c1ee52b36e68aaf4ad066387 e0aff7830fa22f92062ee4db78133079 caea8340e2d186a540518d08602aa065 319940068c5fa20655215d590b7be29b 2897d76d56d2010f4e3a28f864d69223 0dd5b9380c7d4884d77587f3eb0fa8ef 198398b282069eaf2d94a6af87dcb3ff 614fd0b754f34d5efe9627f2057b8642 400e18f6ede9f8be5575a475d2d6b0a6 5356b422f65bdad1c3e9edca5d74a1ae a914db3fdc7a53ddcfd1b2db8f5a1b9c 56797cefb1efc9130f7c48a7d1db0f0c

Email subscription for changes to this article
Save as PDF