The Internet Systems Consortium is advising BIND users to update immediately to protect against a bug that may already be under attack to crash vulnerable servers.
The ISC says an unidentified network event caused BIND 9 resolvers to cache an invalid record, and when subsequent queries requested the invalid record, the servers crashed with the following assertion failure:
INSIST(! dns_rdataset_isassociated(sigrdataset)).
It’s also apparently being exploited to attack networks, with multiple members of the BIND users email list from Germany, France and the US reporting simultaneous crashes across multiple servers.
The ISC describes the bug as a potential zero-day exploit with no workaround, and urges immediate upgrade to BIND 9.8.1-P1, 9.7.4-P1, 9.6-ESV-R5-P1, or 9.4-ESV-R5-P1.
http://www.theregister.co.uk/2011/11/16/bind_in_a_bind_again/
Possibly related to a DNS server outage incident reported on a thread yesterday.
Printer-friendly format
Email this thread to a friend
Bookmark this thread
(1000+ posts)
Send PM |
Profile |
Ignore
