BIND DNS Server Hole

Tuesday, September 18, 2012 @ 10:09 AM gHale


The free DNS server BIND, which the Internet Systems Consortium (ISC) maintains, contains a security vulnerability that allows attackers to crash it using specially crafted data records, according to the Austrian national CERT.

The ISC said resource records with RDATA fields that exceed 65535 bytes cause the domain name server to crash the next time this record ends up queried.

RELATED STORIES
Enfal Malware Hits Nuke, Energy Sectors
Over Half Androids have Vulnerabilities
Chrome for Android Fixes Bugs
Profiting off Android Attacks

The following versions of BIND suffer from the issue:
• BIND 9.0.x to 9.6.x
• BIND 9.4-ESV to 9.4-ESV-R5-P1
• BIND 9.6-ESV to 9.6-ESV-R7-P2
• BIND 9.7.0 to 9.7.6-P2
• BIND 9.8.0 to 9.8.3-P2
• BIND 9.9.0 to 9.9.1-P2

ISC recommends users upgrade to one of the current versions – 9.7.7, 9.7.6-P3, 9.6-ESV-R8, 9.6-ESV-R7-P3, 9.8.4, 9.8.3-P3, 9.9.2 or 9.9.1-P3 – as soon as possible.

The Austrian national CERT said sealing off a server from the outside is not sufficient to protect it against an attack. Apparently, an email could trigger a name server query, causing the server to load the specially crafted record. That the query appears to come “from the inside” offers no protection in this case.

It remains unclear whether the flaw can only trigger server crashes or whether it can also inject malicious software.



Leave a Reply

You must be logged in to post a comment.