Sysadmins of the North
Share now!





BIND 9.x vulnerable for remote Denial of Service through a magic packet

A vulnerability in BIND, and all it takes is just one tiny little packet…

BIND 9.x is vulnerable for a remote Denial of Service, where a tiny magic packet can cause BIND 9.x to stop and exit named with a REQUIRE assertion failure. All the attacker needs to send is a specially – and deliberately – constructed packet to exploit an error in the handling of queries for TKEY records. The vulnerability in BIND will crash and take down the BIND named daemon…

All versions of BIND 9 from BIND 9.1.0 (inclusive) through BIND 9.9.7-P1 and BIND 9.10.2-P2 are vulnerable, administrators should upgrade to a patched version as soon as possible. These can be downloaded from https://www.isc.org/downloads/.

BIND 9.x vulnerability details CVE-2015-5477

The BIND 9.x vulnerability details are described in CVE-2015-5477, which you can read in the National Vulnerability Database (NVD by NIST) and Common Vulnerabilities and Exposures (CVE) websites. ISC’s released their own advisory AA-01272.

About the Author Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.

follow me on:


Thank you!

Leave a Comment:

Skip to content