The FreeBSD Security Team has identified an issue in Bind and has issued the following security advisory: FreeBSD-SA-12:06.bind (22/11/2012).
BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server.
II. Problem Description
The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes. The BIND daemon would lock up when a query is made on specific combinations of RDATA.
A remote attacker can query a resolving name server to retrieve a record whose RDATA is known to be larger than 65535 bytes, thereby causing the resolving server to crash via an assertion failure in named.
For a workaround and solution, check out the security advisory: FreeBSD-SA-12:06.bind
An attacker who is in a position to add a record with RDATA larger than 65535 bytes to an authoritative name server can cause that server to crash by later querying for that record.
The attacker can also cause the server to lock up with specific combinations of RDATA.