DoS Attack Exploit in BIND 9

Jul 29, 2009

A specially crafted dynamic update message to a DNS zone for which the server is a master can raise havoc in BIND 9. An active remote exploit is already "in wide circulation."

All BIND 9 versions are affected, hence a recommended immediate update to 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. A number of Linux distros have already reacted with updated versions, among them Debian and Ubuntu.

A certain NSUPDATE from an unauthenticated attacker can bring the entire server down, creating a denial-of-service (DoS) condition. The security bulletin indicates that the vulnerability "affects all servers and is not limited to those that are configured to allow dynamic updates." The only mitigating condition is that the attack works only against DNS master servers for one or more zones and not against slave servers.

Downloads of the recommended BIND patches are available in the ISC security bulletin.

Related content

  • Bind 10 Test Drive

    Admins have waited all of five years for the 10th major release of the Bind name server, which appeared at the end of March this year. The latest release is a complete rewrite of the DNS server, with a modular design and new configuration tools, but is it ready for business?

  • Honeytrap 1.0.0 Released

    Version 1.0.0 of the honeypot daemon Honeytrap has been released. It has a completely reworked configuration mechanism and new plugins.

  • Honeynet

    Security-conscious admins can use a honeynet to monitor, log, and analyze intrusion techniques.

  • DNSSEC

    Some Internet exploits target name resolution servers. DNSSEC uses cryptography to protect the name resolution service.

  • Apache ModSecurity

    The Apache ModSecurity module provides extra protection for your web server. We'll show you why this optional application firewall is quickly becoming a favorite of webmasters and security experts.

comments powered by Disqus

Issue 166/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia