Reply to comment
ISC BIND 9 Remote packet Denial of Service Vulnerability
The Internet Systems Consortium has announced a vulnerability present in several versions of BIND 9.x. The description of the vulnerability from their site is as follows:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code
location of the defect makes it impossible to protect BIND using ACLs
configured within named.conf or by disabling any features at
compile-time or run-time.
Versions affected are 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1, 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1, 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, 9.8.1b1
It is Highly advisable that you patch your systems immediately if you are running a vulnerable version. Full details are here.
Recent comments
19 hours 50 min ago
1 day 6 hours ago
2 days 3 hours ago
3 days 4 hours ago
3 days 21 hours ago
4 days 1 hour ago
5 days 4 hours ago
1 week 1 day ago
1 week 2 days ago
1 week 2 days ago