In association with heise online

06 September 2006, 12:36

BIND name server vulnerable to DoS

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Internet Systems Consortium (ISC), makers of the widely distributed Berkeley Internet Name Domain (BIND) DNS server, is warning of two potential denial of service problems that have been corrected in the most recent version. Attackers could send specially recursive queries in order to cause the servers to crash.

The first error is in the processing of the signed "Resource Record Sets" (RRsets), which contain the digital signatures within the framework of the "DNS Security Extensions" (DNSSEC). The second affects the handling of parallel recursive queries. All BIND versions 9.2.x, 9.3.x and 9.4.x are affected. ISC urgently recommends switching to new releases 9.4.0b2, 9.3.3rc2, 9.3.2-P1, 9.2.7rc1 or 9.2.6-P1.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit