Site icon Liquidmatrix Security Digest

ISC BIND Denial of Service

BIND, which stands for Berkeley Internet Name Domain, is used to provide DNS for a rather large part of the internet. According to the folks at Secunia there are some vulnerabilties in BIND that can be remotely exploited. There is a patch available.

“Description:
Some vulnerabilities have been reported in BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An assertion error within the processing of SIG queries can be exploited to crash either a recursive server when more than one SIG(covered) Resource Record set (RRset) is returned or an authoritative server serving a RFC 2535 DNSSEC zone where there are multiple SIG(covered) RRsets.

2) An error within the handling of multiple recursive queries can be exploited to trigger an INSIST failure by causing the response to the query to arrive after all clients looking for the response have left the recursion queue.

NOTE: According to the vendor, the vulnerabilities are likely not exploitable in the 9.2.x branch. However, a patch has been provided.”

Please check your version and upgrade if need be.

Article Link

[tags]ISC BIND, DNS, BIND Vulnerability, Secunia[/tags]

Exit mobile version