Slashdot Mirror

← Back to Stories (view on slashdot.org)

New DoS Vulnerability In All Versions of BIND 9

Posted by kdawson on from the binding-with-briars-my-joys-and-desires dept.

Icemaann writes "ISC is reporting that a new, remotely exploitable vulnerability has been found in all versions of BIND 9. A specially crafted dynamic update packet will make BIND die with an assertion error. There is an exploit in the wild and there are no access control workarounds. Red Hat claims that the exploit does not affect BIND servers that do not allow dynamic updates, but the ISC post refutes that. This is a high-priority vulnerability and DNS operators will want to upgrade BIND to the latest patch level."

2 of 197 comments (clear)

  1. Ain't what it used to be.... by mcrbids · · Score: 3, Interesting

    Was once the day whe a notice like this would kick off a flurry of migrationn plans, compiler scripting, compiling, and restarting servers in the dead of night. (and bonuses to match!)

    But now?

    # yum -y update && shutdown - r now

    Sometimes I pine for the 'good old days'. A little. (ok, hardly at all)

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  2. OMG... by Garion911 · · Score: 5, Interesting

    I reported a bug *very* similar to this back in Oct, and only now its coming to light? WTF? I submitted this back in january and it was rejected. Ah well. Here's my page on it: http://garion.tzo.com/resume/page2/bind.html

    --
    Slashdot is like Playboy: I read it for the articles