Potential 0-Day Vulnerability For BIND 9

Posted by Soulskill on Thursday November 17, 2011 @02:35AM from the bind-your-own-business dept.

Morty writes "BIND, the popular DNS server software, has been crashing all over the Internet. The root cause is believed to be a 0-day vulnerability in BIND's resolver. The ISC has issued an alert. Quoting: 'An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC is working on determining the ultimate cause by which a record with this particular inconsistency is cached. At this time we are making available a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.'"

5 of 187 comments (clear)

Min score:

Reason:

Sort:

To the Red Phone! by Anonymous Coward · 2011-11-17 02:38 · Score: 4, Funny

Alert DJB at once!
Re:10 years ago by janeuner · 2011-11-17 02:48 · Score: 3, Funny

It's hard to go wrong with DJB*.
Re:10 years ago by afidel · 2011-11-17 02:54 · Score: 4, Funny

Unless you have to actually work with him.

--
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
APK's monolithic hosts file by Culture20 · 2011-11-17 03:08 · Score: 5, Funny

APK's monolithic hosts file is looking pretty good at the moment.
Re:A confusing summary on /., let me try to do bet by NoNonAlphaCharsHere · 2011-11-17 03:12 · Score: 3, Funny

BIND8, for those who used it, was a pile of poo.

Your understated discretion just takes my breath away.