securityadmin's blog

ISC BIND 9 vulnerable to denial of service via dynamic update request [Net #1026]

http://www.kb.cert.org/vuls/id/725188

"By sending a specially-crafted dynamic update packet to a BIND 9
server, a remote, unauthenticated attacker can cause a denial of service
by causing BIND to crash."

This vulnerability is fixed in "ISC BIND versions 9.4.3-P3, 9.5.1-P3,
and BIND 9.6.1-P1."

Please report which versions of BIND we are using so that we can assess
our exposure.

Thanks,
Brian

ISC BIND 9 vulnerable to denial of service via dynamic update request [Net #1026]

http://www.kb.cert.org/vuls/id/725188

"By sending a specially-crafted dynamic update packet to a BIND 9
server, a remote, unauthenticated attacker can cause a denial of service
by causing BIND to crash."

This vulnerability is fixed in "ISC BIND versions 9.4.3-P3, 9.5.1-P3,
and BIND 9.6.1-P1."

Please report which versions of BIND we are using so that we can assess
our exposure.

Thanks,
Brian

Pages