4 May 2007, 14:44

Security updates for the BIND nameserver available

Internet Systems Consortium, Inc. (ISC) has published a vulnerability of their BIND nameserver, which may be exploited to crash a server. The bug is related to the query_addsoa function and can be provoked by sending a specific sequence of manipulated queries to the server. While ISC does not provide more detailed information on this issue, the severity of this problem is rated as critical. Affected versions include BIND 9.4.0, BIND 9.5.0a1, 9.5.0a2, and 9.5.0a3. Version 9.5.0x is not publicly available. Updating to BIND 9.4.1 or BIND 9.5.0a4 will remedy this vulnerability; an alternative workaround is to disable recursion.

Also on The H:

MySQL Cluster update brings improved performance
Cisco Security Appliances at risk from Telnet bug
JDBC driver for Neo4J bridges the SQL/NoSQL divide
Security update for BIND name server
Serious vulnerability ratifies end of BIND8 DNS server
BIND name server vulnerable to DoS attacks

Share this article

Security updates for the BIND nameserver available

Also on The H:

Microsoft's struggle against bugs

CSI:Internet - Open heart surgery

CSI:Internet - A trip into RAM

The H Update Check

Internet Toolkit

Monopoly madness

What's new in Linux 3.4

A Practical Internet of Things

Booting up: Tools and tips for systemd

Kernel Log: Coming in 3.4 (Part 3) - Graphics drivers

Control Centre: The systemd Linux init system

Kernel Log: Coming in 3.4 (Part 2) - Filesystems, storage and drivers

Kernel Log: Coming in 3.4 (Part 1) - Infrastructure

What's new in Linux 3.3

Building a GSM network with open source

CSI:Internet - Controlled from the beyond

Price Insight Top 10 powered by Skinflint

The H

The H open source

The H Security

The H Internet Toolkit