Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator"s part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-validation auto;" or "dnssec-lookaside auto;".