ISC BIND 9 vulnerable to denial of service via dynamic update request

IT.com

pubdomains.in

New Member
The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). It includes support for dynamic DNS updates as specified in IETF RFC 2136. BIND 9 can crash when processing a specially-crafted dynamic update packet. ISC notes that this vulnerability affects all servers that are masters for one or more zones and is not limited to those that are configured to allow dynamic updates. ISC also indicates that the attack packet has to be constructed for a zone for which the target system is configured as a master; launching the attack against slave zones does not trigger the vulnerability.


CERT
ISC
 
Can you translate that into English :)

Whew, I thought I was the only one who could not understand a word of that. :p

Pubdomains.in, I'm guessing you're an expert in this area if you're able understand all that technical jargon. :)
 
Last edited by a moderator:
Okies - first need to understand few basics
a. DOS attack - Denial - Of - Service : When legitimate websites are loaded with fake requests (like continuous ping to a server from 1000 machines - so that CPU gets loaded enough to stop processing other requests and eventually crashes out)

b. DNS System: Used for resolving names. Thus InForum.in translates to an IP address, and this translation from user friendly language specific words to machine readable quad IP address such as 67.228.108.241 for inforum.in

c. BIND9: Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS). Used by multiple nameservers all across the globe.

--------------------
What the article posted by CERT advises is that a number of DNS systems using BIND9 could crash by use of malicious code that has been identified.

Directly you or I may not be controllling name servers - unless we have setup our own NameServers or DNS System. Since All website owners depend upon one or the other name servers for address resolution of our sites - there is a potential problem if the nameservers are not patched for possible DOS attack.

Good news is, that most of the name servers have been patched now after the warning was issued - and you shouldn't face any problems unless you own a DNS system and have not upgraded it to patch the hole.

HTH!!
 

whois



Forums dedicated to Indian domain names, including buying, selling, appraising, developing, and monetizing.

About Us

Threads
29,388
Messages
76,792
Members
7,945
Latest member
nilamburfurniture
Top Bottom