Skip to Content

ISC BIND 9 Remote packet Denial of Service Vulnerability

The Internet Systems Consortium has announced a vulnerability present in several versions of BIND 9.x. The description of the vulnerability from their site is as follows:

A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code
location of the defect makes it impossible to protect BIND using ACLs
configured within named.conf or by disabling any features at
compile-time or run-time.

Versions affected are 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1, 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1, 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, 9.8.1b1

It is Highly advisable that you patch your systems immediately if you are running a vulnerable version. Full details are here.

No votes yet


blog | by Dr. Radut