By causing queries to be made against a maliciously-constructed zone or against a malicious DNS server, an attacker who is able to cause specific queries to be sent to a nameserver can cause
named(8) to crash, leading to a denial of service.
All recursive BIND DNS servers are vulnerable to this. Authoritative servers are only vulnerable if the attacker is able to control a delegation traversed by the authoritative server in order to serve the zone.
