The Internet Systems Consortium (ISC) has issued updates to solve four high severity flaws in the DNS software BIND. The flaw could be exploited by a remote attacker to cause a DoS condition.
An attacker can exploit the vulnerabilities to cause the BIND name server process to encounter an assertion failure and stop executing. The Internet Systems Consortium confirmed that it is not aware of active exploits for the flaws.
Below the list of flaws provided by the ISC:
The CVE-2016-9778 flaw affects only a subset of servers which are performing NXDOMAIN redirection using the “nxdomain-redirect” function.
The CVE-2016-9131, the CVE-2016-9147, and the CVE-2016-9444 flaws occur during the processing of an answer packet received in response to a query.
“As a result, recursive servers are at the greatest risk; authoritative servers are at risk only to the extent that they perform a limited set of queries (for example, in order to do zone service” state the advisories for the flaws.
The BIND versions 9.9.9-P5, 9.10.4-P5, 9.11.0-P2 and 9.9.9-S7 address the above vulnerabilities.
(Security Affairs – BIND, security)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.