dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


It's time to patch BIND before your DNS servers lock up

Jan 19, 2017, 04:00 (0 Talkback[s])
(Other stories by Steven J. Vaughan-Nichols)

Until you patch it, you're also running BIND with three security holes -- any one of which can be used to create DDOSs. These are CVE-2016-9131 (a malformed response to an ANY query can cause an assertion failure during recursion), CVE-2016-9147 (an error handling a query response containing inconsistent DNSSEC information could cause an assertion failure), and CVE-2016-9444 (an unusually formed DS record response could cause an assertion failure).

Complete Story

Related Stories: