A vulnerability in BIND, and all it takes is just one tiny little packet…
BIND 9.x is vulnerable for a remote Denial of Service, where a tiny magic packet can cause BIND 9.x to stop and exit named with a REQUIRE assertion failure. All the attacker needs to send is a specially – and deliberately – constructed packet to exploit an error in the handling of queries for TKEY records. The vulnerability in BIND will crash and take down the BIND named daemon…
All versions of BIND 9 from BIND 9.1.0 (inclusive) through BIND 9.9.7-P1 and BIND 9.10.2-P2 are vulnerable, administrators should upgrade to a patched version as soon as possible. These can be downloaded from https://www.isc.org/downloads/.
The BIND 9.x vulnerability details are described in CVE-2015-5477, which you can read in the National Vulnerability Database (NVD by NIST) and Common Vulnerabilities and Exposures (CVE) websites. ISC’s released their own advisory AA-01272.
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.
A cheat-sheet for password crackers
Windows privilege escalation guide
Help Net Security reviewed Acunetix 11
Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege
Penetration Testers’ Guide to Windows 10 Privacy & Security
Joomla (< 3.6.4) Account Creation/Elevated Privileges write-up and exploit
Samsung’s smart camera. A tale of IoT & network security
“How we broke PHP, hacked Pornhub and earned $20,000”