Slashdot Mirror

← Back to Stories (view on slashdot.org)

New DoS Vulnerability In All Versions of BIND 9

Posted by kdawson on from the binding-with-briars-my-joys-and-desires dept.

Icemaann writes "ISC is reporting that a new, remotely exploitable vulnerability has been found in all versions of BIND 9. A specially crafted dynamic update packet will make BIND die with an assertion error. There is an exploit in the wild and there are no access control workarounds. Red Hat claims that the exploit does not affect BIND servers that do not allow dynamic updates, but the ISC post refutes that. This is a high-priority vulnerability and DNS operators will want to upgrade BIND to the latest patch level."

13 of 197 comments (clear)

  1. Well.. by TechyImmigrant · · Score: 2, Funny

    Well DNS operators do appear to be in a bit of a bind don't they?

    --
    Evil people are out to get you.
  2. All versions of Bind 9? by Yvan256 · · Score: 2, Funny

    Good thing I'm using FreeDOS!

    1. Re:All versions of Bind 9? by tygerstripes · · Score: 5, Funny

      But it's a DOS vulnerability!!! Sheesh, read the title...

      --
      Meta will eat itself
  3. For goodness sake upgrade.... by syousef · · Score: 4, Funny

    ...to Windows! DOS is just so 80's and 90's it's not funny.

    (Suggested mod: +1 funny)

    --
    These posts express my own personal views, not those of my employer
    1. Re:For goodness sake upgrade.... by Sicarul · · Score: 2, Funny

      hahaha automatically translated Spanish is so funny (Spanish is my mother language) Though, i don't know what he meant, he said "Yes, i think three or four would be much more modern"... i don't see how it applies to it's previous post... three or four windows? O.o

  4. djb by dickens · · Score: 4, Funny

    Somewhere I think djb is managing to both smile and raise his eyebrows simultaneously.

  5. Re:Ain't what it used to be.... by houstonbofh · · Score: 2, Funny

    Remember when "shutdown -rfn" would work? Ahh... The days of youth.

  6. Re:Interesting by Minwee · · Score: 5, Funny

    It is now.

    This vulnerability also gives the three people running DJB DNS a much needed opportunity for some smugness.

  7. Re:Interesting by kriebz · · Score: 5, Funny

    I was under the impression they had smugness to spare.

  8. Re:Ain't what it used to be.... by FishWithAHammer · · Score: 3, Funny

    I never heard that one, but please tell me it stands for "Right Fucking Now."

    --
    "You can either have software quality or you can have pointer arithmetic, but you cannot have both at the same time."
  9. Re:Ain't what it used to be.... by palegray.net · · Score: 2, Funny

    I think I'm going to alias "reboot" to 'echo "go read some man pages and come back later"' on a bunch of servers now :)

    --
    512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
  10. Smug by TheLink · · Score: 3, Funny

    Smugness to spare? My smugness was overflowing more than BIND9 buffers.

    Great opportunity to vent some smugness today :).

    --
  11. Re:It's because it works, & I believe in every by ShakaUVM · · Score: 4, Funny

    My approach isn't stupid in regards to that. Free? That's a "pretty good price", wouldn't YOU say? And, you're also FREE to customize it, & thus, YOUR PERSONALIZED VERSION OF A CUSTOM HOSTS FILE, JUST GOES ALONG WITH YOUR PERSONALIZED SPED UP & SAFER VERSION OF THE INTERNET... &, just as YOU see fit & like, easily. Notepad.exe for instance? My gosh - lol, just "does wonders" here, on this account... lol!

    Are you the ghost of Billy Mays?