Warning: Use of undefined constant WAF_CHECK_COOLDOWN_TIMER_SECONDS - assumed 'WAF_CHECK_COOLDOWN_TIMER_SECONDS' (this will throw an Error in a future version of PHP) in /srv/users/ilcert/apps/ilcert/public/wp-content/plugins/heatshield/class.heatshield.php on line 55

Warning: A non-numeric value encountered in /srv/users/ilcert/apps/ilcert/public/wp-content/plugins/heatshield/class.heatshield.php on line 445
Alerts – IL-CERT



BIND 9 Servers Denial of Service Vulnerability

ISC issued a vulnerability notification on BIND 9 DNS servers. The vulnerability allows remote attackers to crash the named service by sending a specially crafted query. Exploits of this vulnerability has been reported, with successful exploitation leading to crashing of name servers running vulnerable BIND versions.

Multiple versions of BIND authorative and recursive name servers are affected and it is therefore recommended to upgrade to the latest patched BIND version corresponding with the version in use. In addition, applications using libraries from affected versions may also be vulnerable.

Affected BIND versions: Open source: 9.7.0->9.7.7, 9.8.0->9.8.5-P1, 9.9.0->9.9.3-P1, 9.8.6b1 and 9.9.4b1; Subscription: 9.9.3-S1 and 9.9.4-S1b1

Source: https://kb.isc.org/article/AA-01015/0

Patch : Latest BIND versions available from http://www.isc.org/downloads/bind