Tech Support Guy banner
Status
Not open for further replies.

BIND 9 denial of service being actively exploited

722 views 0 replies 1 participant last post by  lotuseclat79 
#1 ·
BIND 9 denial of service being actively exploited.

Internet Systems Consortium, the developers of the BIND DNS server, is reporting a denial of service vulnerability that is being actively exploited. "Receipt of a specially-crafted dynamic update message to a zone for which the server is the master may cause BIND 9 servers to exit. Testing indicates that the attack packet has to be formulated against a zone for which that machine is a master. Launching the attack against slave zones does not trigger the assert. [...] This vulnerability affects all servers that are masters for one or more zones – it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround." ISC is urgently suggesting that everyone upgrade BIND to 9.4.3-P3, 9.5.1-P3, or 9.6.1-P1
-- Tom
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top