ISC BIND 9 vulnerable to denial of service via dynamic update request

pubdomains.in

New Member
The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). It includes support for dynamic DNS updates as specified in IETF RFC 2136. BIND 9 can crash when processing a specially-crafted dynamic update packet. ISC notes that this vulnerability affects all servers that are masters for one or more zones and is not limited to those that are configured to allow dynamic updates. ISC also indicates that the attack packet has to be constructed for a zone for which the target system is configured as a master; launching the attack against slave zones does not trigger the vulnerability.


CERT
ISC
 

Ceres

New Member
Can you translate that into English :)

Whew, I thought I was the only one who could not understand a word of that. :p

Pubdomains.in, I'm guessing you're an expert in this area if you're able understand all that technical jargon. :)
 
Last edited by a moderator:

pubdomains.in

New Member
Okies - first need to understand few basics
a. DOS attack - Denial - Of - Service : When legitimate websites are loaded with fake requests (like continuous ping to a server from 1000 machines - so that CPU gets loaded enough to stop processing other requests and eventually crashes out)

b. DNS System: Used for resolving names. Thus InForum.in translates to an IP address, and this translation from user friendly language specific words to machine readable quad IP address such as 67.228.108.241 for inforum.in

c. BIND9: Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS). Used by multiple nameservers all across the globe.

--------------------
What the article posted by CERT advises is that a number of DNS systems using BIND9 could crash by use of malicious code that has been identified.

Directly you or I may not be controllling name servers - unless we have setup our own NameServers or DNS System. Since All website owners depend upon one or the other name servers for address resolution of our sites - there is a potential problem if the nameservers are not patched for possible DOS attack.

Good news is, that most of the name servers have been patched now after the warning was issued - and you shouldn't face any problems unless you own a DNS system and have not upgraded it to patch the hole.

HTH!!
 
Similar threads
Thread starter Title Forum Replies Date
P GoDaddy Testifies that JPA Sunset would leave ICANN vulnerable Non-Indian Domains 0

Similar threads

whois

Recent Posts



Forums dedicated to Indian domain names, including buying, selling, appraising, developing, and monetizing.

About Us

Threads
26,875
Messages
73,843
Members
7,639
Latest member
rohanarya2612
Top Bottom