ADMIN - Explore the new world of system administration! Special introductory offer! Order by September 30th to save 10% off the regular subscription price! Each issue delivers technical solutions to the real-world problems you face every day. Learn the latest techniques for better:
network security
system management
troubleshooting
performance tuning
virtualization
cloud computing
on Windows, Linux, Solaris, and popular varieties of Unix.
A specially crafted dynamic update message to a DNS zone for which the server is a master can raise havoc in BIND 9. An active remote exploit is already "in wide circulation."
All BIND 9 versions are affected, hence a recommended immediate update to 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. A number of Linux distros have already reacted with updated versions, among them Debian and Ubuntu.
A certain NSUPDATE from an unauthenticated attacker can bring the entire server down, creating a denial-of-service (DoS) condition. The security bulletin indicates that the vulnerability "affects all servers and is not limited to those that are configured to allow dynamic updates." The only mitigating condition is that the attack works only against DNS master servers for one or more zones and not against slave servers.
Downloads of the recommended BIND patches are available in the ISC security bulletin.
Stop by Rikki's Open Source Exchange for dispatches from the world of women in open source.
Rikki Kite examines the experience of women across the spectrum of open source – the people, projects, organizations, events, articles, issues, and news.
Comments