ISC BIND updates/advisories


47 replies to this topic

#16 AplusWebMaster

  • Authentic Member
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 10 October 2012 - 09:30 AM

FYI...

BIND DNS server vuln...
- http://h-online.com/-1727232
10 Oct 2012 - "The Internet Systems Consortium (ISC) is warning users of a critical vulnerability in the free BIND DNS server that can be exploited by an attacker to cause a denial-of-service (DoS) condition. According to the ISC, the security issue (CVE-2012-5166*) is caused by a problem when processing a specially crafted combination of resource records (RDATA). When loaded, this data can cause a name server to lock up. The ISC says that, when this happens, normal functionality can only be restored by terminating and restarting the named daemon. Affected versions include 9.2.x to 9.6.x, 9.4-ESV to 9.4-ESV-R5-P1, 9.6-ESV to 9.6-ESV-R7-P3, 9.7.0 to 9.7.6-P3, 9.8.0 to 9.8.3-P3 and 9.9.0 to 9.9.1-P3. The ISC notes that while versions 9.2, 9.3, 9.4 and 9.5 of BIND are vulnerable, these branches are considered to be "end of life" (EOL) and are no longer updated. Upgrading to 9.7.7, 9.7.6-P4, 9.6-ESV-R8, 9.6-ESV-R7-P4, 9.8.4, 9.8.3-P4, 9.9.2 or 9.9.1-P4 corrects the problem. Alternatively, as a workaround, users can set the "minimal-responses" option to "yes" in order to prevent the lockup. The ISC says that it currently knows of no active exploits. The new releases are available from the ISC's downloads page**; all users are advised to update to the latest versions."

* https://kb.isc.org/article/AA-00801
Last Updated: 2012-10-09
- https://www.isc.org/...s/cve-2012-5166

** https://www.isc.org/downloads/all

> https://www.isc.org/...security/matrix
___

- http://www.securityt....com/id/1027642
CVE Reference: http://web.nvd.nist....d=CVE-2012-5166 - 7.8 (HIGH)
Oct 11 2012
Solution: The vendor has issued a fix (9.6-ESV-R8, 9.6-ESV-R7-P4, 9.7.7, 9.7.6-P4, 9.8.4, 9.8.3-P4, 9.9.2, 9.9.1-P4).
The vendor's advisory is available at: https://kb.isc.org/article/AA-00801

- https://secunia.com/advisories/50878/
Release Date: 2012-10-10
Criticality level: Moderately critical
Impact: DoS
Where: From remote...
CVE Reference: CVE-2012-5166
Solution: Update to a fixed release... see the vendor's advisory for details.
Original Advisory: https://kb.isc.org/article/AA-00801

:ph34r:

Edited by AplusWebMaster, 15 October 2012 - 05:57 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#17 AplusWebMaster


Posted 05 December 2012 - 08:23 AM

FYI...

ISC BIND 9.8.4-P1, 9.9.2-P1 released
- https://secunia.com/advisories/51484/
Release Date: 2012-12-05
Criticality level: Moderately critical
Impact: DoS
Where: From remote...
Software: ISC BIND 9.8.x, ISC BIND 9.9.x
CVE Reference: http://web.nvd.nist....d=CVE-2012-5688 - 7.8 (HIGH)
... vulnerability is reported in versions 9.8.0 through 9.8.4 and 9.9.0 through 9.9.2.
Solution: Update to version 9.8.4-P1 or 9.9.2-P1.
Original Advisory:
https://www.isc.org/...s/cve-2012-5688
Severity: Critical
https://kb.isc.org/article/AA-00828
https://kb.isc.org/article/AA-00829
Last Updated: 2012-12-04

- http://www.securityt....com/id/1027835
CVE Reference: CVE-2012-5688
Dec 5 2012
Impact: Denial of service via network
Version(s): 9.8.0 - 9.8.4, 9.9.0 - 9.9.2
Solution: The vendor has issued a fix (9.8.4-P1, 9.9.2-P1).

- https://isc.sans.edu...l?storyid=14641
Last Updated: 2012-12-05 13:07:56 UTC - "... The patch addresses -26- different bugs and/or security issues..."

> https://www.isc.org/downloads/all
___

- http://h-online.com/-1763332
6 Dec 2012

:ph34r: :ph34r:

Edited by AplusWebMaster, 23 December 2012 - 09:19 AM.



#18 AplusWebMaster


Posted 25 January 2013 - 05:39 AM

FYI...

ISC BIND DoS vuln
- https://secunia.com/advisories/51969/
Release Date: 2013-01-25
Criticality level: Moderately critical
Impact: DoS
Where: From remote
Software: ISC BIND 9.8.x, 9.9.x
CVE Reference: CVE-2012-5689
Original Advisory:
- https://www.isc.org/...s/cve-2012-5689
CVE: CVE-2012-5689
Document Version: 2.0
Posting date: 24 Jan 2013
Program Impacted: BIND
Versions affected: 9.8.0->9.8.4-P1, 9.9.0->9.9.2-P1
- https://kb.isc.org/article/AA-00855

:ph34r: :ph34r:



#19 AplusWebMaster


Posted 29 March 2013 - 08:15 AM

FYI...

ISC BIND 9 - critical update
- https://secunia.com/advisories/52782/
Release Date: 2013-03-27
Criticality level: Moderately critical
Impact: DoS
Where: From remote
Software: ISC BIND 9.7.x, 9.8.x, 9.9.x
Solution: Apply patches or update to a fixed release (please see the vendor's advisory for details).
- https://kb.isc.org/article/AA-00871
2013-03-26 - "A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns..."
> https://www.isc.org/downloads/all

- https://web.nvd.nist...d=CVE-2013-2266 - 7.8 (HIGH)

- http://h-online.com/-1832816
29 March 2013

Ubuntu update for bind9
- https://secunia.com/advisories/52861/
Release Date: 2013-04-01
... more information: https://secunia.com/SA52782/
Solution: Apply updated packages.
Original Advisory: USN-1783-1: http://www.ubuntu.com/usn/usn-1783-1/

Debian update for bind9
- https://secunia.com/advisories/52810/
Release Date: 2013-04-01
... more information: https://secunia.com/SA52782/
Solution: Apply updated packages via the apt-get package manager.
Original Advisory: DSA-2656-1: http://www.debian.or...y/2013/dsa-2656

:ph34r:

Edited by AplusWebMaster, 01 April 2013 - 08:29 AM.



#20 AplusWebMaster


Posted 05 June 2013 - 03:18 AM

FYI...

ISC BIND9 - DoS vuln/fix
- https://secunia.com/advisories/53709/
Release Date: 2013-06-05
Criticality level: Moderately critical
Impact: DoS
Where: From remote ...
Software: ISC BIND 9.6.x, 9.8.x, 9.9.x
CVE Reference: https://web.nvd.nist...d=CVE-2013-3919 - 7.8 (HIGH)
... vulnerability is reported in versions 9.6-ESV-R9, 9.8.5, and 9.9.3.
Solution: Update to version 9.9.3-P1, 9.8.5-P1, or 9.6-ESV-R9-P1.
Original Advisory: ISC: https://kb.isc.org/article/AA-00967

> https://www.isc.org/downloads/all
___

- https://isc.sans.edu...l?storyid=15941
Last Updated: 2013-06-05 22:00:12 UTC

:ph34r:

Edited by AplusWebMaster, 15 June 2013 - 11:49 AM.



#21 AplusWebMaster


Posted 26 July 2013 - 06:48 PM

FYI...

ISC BIND 9 DoS vuln
- https://kb.isc.org/article/AA-01015
2013-07-26
Program Impacted: BIND
Versions affected: Open source: 9.7.0->9.7.7, 9.8.0->9.8.5-P1, 9.9.0->9.9.3-P1, 9.8.6b1 and 9.9.4b1; Subscription: 9.9.3-S1 and 9.9.4-S1b1
Severity: Critical
Exploitable: Remotely
Description: A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query.
BIND 9.6 and BIND 9.6-ESV are unaffected by this problem. Earlier branches of BIND 9 are believed to be unaffected but have not been tested. BIND 10 is also unaffected by this issue.
Please Note: All versions of BIND 9.7 are known to be affected, but these branches are beyond their "end of life" (EOL) and no longer receive testing or security fixes from ISC. For current information on which versions are actively supported, please see http://www.isc.org/d...oftware-status/
Impact: Authoritative and recursive servers are equally vulnerable. Intentional exploitation of this condition can cause a denial of service in all nameservers running affected versions of BIND 9. Access Control Lists do not provide any protection from malicious clients. In addition to the named server, applications built using libraries from the affected source distributions may crash with assertion failures triggered in the same fashion...
CVSS Score: 7.8 ...
Workarounds: No known workarounds at this time.
Active exploits: Crashes have been reported by multiple ISC customers. First observed in the wild on 26 July 2013.
Solution: Upgrade to the patched release most closely related to your current version of BIND. Open source versions can all be downloaded from
- http://www.isc.org/downloads
Subscription version customers will be contacted directly by ISC Support regarding delivery.
BIND 9 version 9.8.5-P2
BIND 9 version 9.9.3-P2
BIND 9 version 9.9.3-S1-P1 (Subscription version available via DNSco)..."

- https://secunia.com/advisories/54195/
Release Date: 2013-07-29
Criticality: Moderately Critical
CVE Reference: https://web.nvd.nist...d=CVE-2013-4854 - 7.8 (HIGH)
Note: This is currently being exploited in the wild.
... vulnerability is reported in versions 9.8.0 through 9.8.5-P1 and versions 9.9.0 through 9.9.3-P1.
Solution: Update to a fixed version.
Original Advisory:
https://kb.isc.org/article/AA-01015/0
https://kb.isc.org/article/AA-01016/

- http://www.securityt....com/id/1028838
CVE Reference: CVE-2013-4854
Jul 26 2013
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes ...
Solution: The vendor has issued a fix (9.8.5-P2, 9.9.3-P2, 9.9.3-S1-P1)...

:ph34r: :ph34r:

Edited by AplusWebMaster, 31 July 2013 - 09:17 AM.



#22 AplusWebMaster


Posted 07 November 2013 - 12:37 PM

FYI...

BIND 9.6.x, 9.8.x, 9.9.x - updated
- https://kb.isc.org/article/AA-01062/
CVE: CVE-2013-6230
06 Nov 2013
Program Impacted: BIND
Versions affected:
Windows versions 9.6-ESV->9.6-ESV-R10, 9.8.0->9.8.6, 9.9.0->9.9.4; Subscription: 9.9.3-S1 and 9.9.4-S1. ONLY Windows servers are affected.
Severity: High, for Windows systems with a specific netmask value set.
Exploitable: Remotely ...

BIND 9 Security Vulnerability Matrix
- https://kb.isc.org/article/AA-00913/0
Last Updated: 2013-11-06

- https://secunia.com/advisories/55607/
Release Date: 2013-11-07
Where: From remote
Impact: Security Bypass
Software: ISC BIND 9.6.x, 9.8.x, 9.9.x
CVE Reference: CVE-2013-6230
Note: This security issue only affects ISC BIND running on Windows. The security issue is reported in versions prior to 9.9.4-P1, 9.8.6-P1, and 9.6-ESV-R10-P1.
Solution: Update to version 9.9.4-P1, 9.8.6-P1, or 9.6-ESV-R10-P1...
 

:ph34r:




#23 AplusWebMaster


Posted 13 January 2014 - 04:57 PM

FYI...

ISC BIND 9 updates...
- http://www.securityt....com/id/1029589
CVE Reference: https://web.nvd.nist...d=CVE-2014-0591
Jan 13 2014
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.6.0.x -> 9.6-ESV-R10-P1, 9.7 (all versions), 9.8.0 -> 9.8.6-P1, 9.9.0 -> 9.9.4-P1
Description: A vulnerability was reported in ISC BIND. A remote user can cause denial of service conditions...
Solution: The vendor has issued a fix (9.6-ESV-R10-P2, 9.8.6-P2, 9.9.4-P2).
The vendor's advisory is available at:
- https://kb.isc.org/a...le/AA-01078/74/

- http://atlas.arbor.n...ndex#-889130097
Elevated Severity
16 Jan 2014
ISC has released patches for BIND that resolve a Denial of Service condition.
Source: http://www.securityfocus.com/bid/64801
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 16 January 2014 - 08:50 PM.



#24 AplusWebMaster


Posted 31 January 2014 - 12:38 PM

FYI...

ISC BIND 9 updates...

BIND 9.9.5
- https://kb.isc.org/a...ease-Notes.html
Last Updated: 2014-01-31
- https://web.nvd.nist...d=CVE-2013-6230 - 6.8
- https://web.nvd.nist...d=CVE-2014-0591 - 2.6

BIND 9.8.7
- https://kb.isc.org/a...ease-Notes.html
Last Updated: 2014-01-31

BIND 9.6-ESV-R11
- https://kb.isc.org/a...ease-Notes.html
Last Updated: 2014-01-31

- https://www.isc.org/downloads/
 

:ph34r:




#25 AplusWebMaster


Posted 09 May 2014 - 12:41 AM

FYI...

ISC BIND 9.10.0-P1
- http://www.securityt....com/id/1030214
CVE Reference: https://web.nvd.nist...d=CVE-2014-3214 - 5.0
May 9 2014
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.10.0 ...
Impact: A remote user can cause the target nameserver to crash.
Solution: The vendor has issued a fix (9.10.0-P1)...
The vendor's advisory is available at:
- https://kb.isc.org/article/AA-01161
8 May 2014
BIND Versions affected: 9.10.0
Severity: High
Release Notes:
- https://kb.isc.org/a...ease-Notes.html
 

:ph34r:


Edited by AplusWebMaster, 09 May 2014 - 01:23 PM.



#26 AplusWebMaster


Posted 13 June 2014 - 05:47 AM

FYI...

ISC BIND EDNS Option Processing Flaw ...
- http://www.securityt....com/id/1030414
CVE Reference: https://web.nvd.nist...d=CVE-2014-3859 - 5.0
Jun 12 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.10.0, 9.10.0-P1 ...
Solution: The vendor has issued a fix (9.10.0-P2).
The vendor's advisory is available at:
- https://kb.isc.org/a...processing.html
 

:ph34r:


Edited by AplusWebMaster, 13 June 2014 - 05:59 PM.



#27 AplusWebMaster


Posted 10 December 2014 - 11:29 AM

FYI...

ISC.org website hacked: Scan your PC for malware if you stopped by
Cryptographically signed BIND, DHCP code safe...
- http://www.theregist...isc_org_hacked/
26 Dec 2014 - "The website for the Internet Systems Consortium, which develops the BIND DNS and ISC DHCP tools, has been hacked. Anyone who recently browsed ISC.org is urged to check their PC for malware as miscreants booby-trapped the site to infect visitors. The website has been replaced by a placeholder page warning netizens of the attack. ISC.org served pages using WordPress, and either that CMS or one of its plugins or support files was exploited to compromise the web server...  the source code to ISC's crucial software packages are stored on a separate server, and cryptographically signed to prove they haven't been tampered with. Its BIND DNS server and DHCP tools are widely used on the internet, and included in most Linux and Unix-flavored operating systems... People visiting the .org are likely to be involved in engineering software and hardware behind the scenes of the web; compromising them with malware could give attackers access to valuable systems and possibly the tools to subvert them... According to a blog post by Cyphort Labs*, ISC was warned its website was serving malware on December 22; the site was scrubbed clean and replaced by a placeholder the next day. Miscreants had managed to exploit some part of the CMS to redirect visitors to a page serving the Angler Exploit Kit. This package attempts to infect Windows PCs using security holes in Internet Explorer, Flash and Silverlight..."
* http://www.cyphort.c...c-org-infected/
___

ISC BIND 9 - CVE-2014-8500: A Defect in Delegation Handling Can Be Exploited to Crash BIND
- https://kb.isc.org/a...4/CVE-2014-8500
8 Dec 2014
CVE: https://web.nvd.nist...d=CVE-2014-8500
Program Impacted: BIND 9
Versions affected: 9.0.x -> 9.8.x, 9.9.0 -> 9.9.6, 9.10.0 -> 9.10.1
Severity: Critical
Exploitable: Remotely
Description: By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service...
Impact: All recursive resolvers are affected. Authoritative servers can be affected if an attacker can control a delegation traversed by the authoritative server in servicing the zone...
Workarounds: No workarounds exist. Vulnerable versions of BIND 9 should be upgraded.
Active exploits: No known active exploits...
Related Documents: See our BIND9 Security Vulnerability Matrix at:
- https://kb.isc.org/article/AA-00913 for a complete listing of Security Vulnerabilities and versions affected...
Solution: Upgrade to the patched release most closely related to your current version of BIND.
Patched builds of currently supported branches of BIND (9.9 and 9.10) can be downloaded via - http://www.isc.org/downloads
    BIND 9 version 9.9.6-P1
    BIND 9 version 9.10.1-P1
Regarding older versions: BIND 9.6-ESV and BIND 9.8 have been officially designated "end of life" (EOL) and no longer receive support. All organizations running EOL branches should be planning transition to currently supported branches. However, due to the severity of this particular issue, source code diffs which can be applied to BIND 9.8 and BIND 9.6-ESV will be made available on request to:
 security-officer@isc.org

- http://www.securityt....com/id/1031311
CVE Reference: CVE-2014-8500
Dec 9 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.0.x - 9.8.x, 9.9.0 - 9.9.6, 9.10.0 - 9.10.1
Solution: The vendor has issued a fix (9.9.6-P1, 9.10.1-P1)...
___

ISC BIND 9 - CVE-2014-8680: Defects in GeoIP features can cause BIND to crash
- https://kb.isc.org/a...4/CVE-2014-8680
8 Dec 2014
CVE: https://web.nvd.nist...d=CVE-2014-8680
Program Impacted: BIND 9
Versions affected: 9.10.0 -> 9.10.1 ...
Severity: High
Exploitable: Remotely
Description: Multiple errors have been identified in the GeoIP features added in BIND 9.10.  Two are capable of crashing BIND - triggering either can cause named to exit with an assertion failure, resulting in a denial of service condition. A third defect is also corrected, which could have caused GeoIP databases to not be loaded properly if their location was changed while BIND was running. Only servers built to include GeoIP functionality are affected.
Impact: The GeoIP features in BIND 9.10 are enabled by a compile-time option which is not selected by default. If you did not compile your BIND binary, or do not know whether you selected GeoIP features, you can test whether the functionality is compiled in by examining the output of the command "named -V" for "--with-geoip". Only servers which were compiled with GeoIP enabled can be affected by these defects. Servers which encounter either of the first two defects will terminate with an "assertion failure" error.
Workarounds:
Of the two errors, the first can occur with server binaries which were configured with GeoIP enabled if an IPv4 GeoIP database is loaded but no corresponding IPv6 database is found or if an IPv6 GeoIP database is loaded but no corresponding IPv4 database is found. This error can be avoided by ensuring that both IPv6 and IPv4 GeoIP databases are loaded.
A workaround for the second error is to disable IPv6 support by running named with the -4 option or configuring with "listen-on-v6 { none; };".
Upgrading to a patched version is recommended.
Active exploits: No known active exploits.
Solution: Upgrade to BIND 9.10.1-P1, which is available from http://www.isc.org/downloads

- http://www.securityt....com/id/1031312
CVE Reference: CVE-2014-8680
Dec 9 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.10.0, 9.10.1 ...
Solution: The vendor has issued a fix (9.10.1-P1)...
 

:ph34r:  :ph34r:


Edited by AplusWebMaster, 28 December 2014 - 10:50 PM.



#28 AplusWebMaster


Posted 18 February 2015 - 09:57 PM

FYI...

ISC BIND 9 - CVE-2015-1349: Trust Anchor Management
- https://kb.isc.org/article/AA-01235
18 Feb 2015
CVE: https://web.nvd.nist...d=CVE-2015-1349   - 5.4
Program Impacted: BIND
Versions affected: BIND 9.7.0 -> BIND 9.10.1-P1.  Also, b1 and rc1 development versions of the upcoming BIND maintenance releases (9.9.7b1 & rc1, 9.10.2b1 & rc1) are affected.
BIND versions 9.9.6, 9.9.6-P1, 9.10.1, and 9.10.1-P1 will terminate consistently with an assertion in zone.c, but previous affected versions may exhibit unpredictable behaviour, including server crashes, due to the use of an improperly initialized variable...
Workarounds: For a workaround, do not use "auto" for the dnssec-validation or dnssec-lookaside options and do not configure a managed-keys statement.  In order to do DNSSEC validation with this workaround one would have to configure an explicit trusted-keys statement with the appropriate keys.
Active exploits: No known active exploits.
Solution: Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from:
- http://www.isc.org/downloads.
    BIND 9.9.6-P2
    BIND 9.10.1-P2
The issue is also fixed in the BIND development releases:
    BIND 9.9.7rc2
    BIND 9.10.2rc2 ...

- https://kb.isc.org/a...ity-Matrix.html

- https://kb.isc.org/c.../Release-Notes/
___

- http://www.securityt....com/id/1031763
CVE Reference: https://web.nvd.nist...d=CVE-2015-1349   - 5.4
Feb 18 2015

https://kb.isc.org/article/AA-01235
 

:ph34r:


Edited by AplusWebMaster, 05 May 2015 - 11:04 AM.



#29 AplusWebMaster


Posted 08 July 2015 - 01:03 PM

FYI...

BIND 9-version 9.9.7-P1, 9.10.2-P2 released
CVE-2015-4620: Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating
> BIND9 > Security Advisories
- https://kb.isc.org/a...Validating.html
2015-07-07
Severity: Critical
Exploitable: Remotely
Description: A very uncommon combination of zone data has been found that triggers a bug in BIND, with the result that named will exit with a "REQUIRE" failure in name.c when validating the data returned in answer to a recursive query. This means that a recursive resolver that is performing DNSSEC validation can be deliberately stopped by an attacker who can cause the resolver to perform a query against a maliciously-constructed zone.
Impact: A recursive resolver that is performing DNSSEC validation can be deliberately terminated by any attacker who can cause a query to be performed against a maliciously constructed zone. This will result in a denial of service to clients who rely on that resolver. DNSSEC validation is only performed by a recursive resolver if it has "dnssec-validation auto;" in its configuration or if it has a root trust anchor defined and has "dnssec-validation yes;" set (either by accepting the default or via an explicitly set value of "yes".)  
By default ISC BIND recursive servers will not validate. (However, ISC defaults may have been changed by your distributor.)
CVSS Score: 7.8
Workarounds: Disabling DNSSEC validation prevents exploitation of this defect but is not generally recommended.  The recommended solution is to upgrade to a patched version...
Solution: Upgrade to the patched release most closely related to your current version of BIND:
  BIND 9 version 9.9.7-P1
  BIND 9 version 9.10.2-P2
BIND9 Security Vulnerability Matrix: https://kb.isc.org/article/AA-00913

> https://web.nvd.nist...d=CVE-2015-4620
Last revised: 07/08/2015
___

- http://www.securityt....com/id/1032799
CVE Reference: CVE-2015-4620
Jul 7 2015
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.7.1 - 9.7.7, 9.8.0 - 9.8.8, 9.9.0 - 9.9.7, 9.10.0 - 9.10.2-P1
Description: A vulnerability was reported in ISC BIND. A remote user can cause the target service to crash...
Solution: The vendor has issued a fix (9.9.7-P1, 9.10.2-P2).
 

:ph34r:


Edited by AplusWebMaster, 09 July 2015 - 06:14 AM.



#30 AplusWebMaster


Posted 28 July 2015 - 06:22 PM

FYI...

BIND9 Security Advisory - CVE-2015-5477: An error in handling TKEY queries ...
- https://kb.isc.org/article/AA-01272
2015-07-28 - "A deliberately constructed packet can exploit an error in the handling of queries for TKEY records, permitting denial of service.
CVE: CVE-2015-5477
Document Version: 2.0
Posting date: 28 July 2015
Program Impacted: BIND
Versions affected: 9.1.0 -> 9.8.x, 9.9.0->9.9.7-P1, 9.10.0->9.10.2-P2
Severity: Critical
Exploitable: Remotely
Description: An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit.
Impact: Both recursive and authoritative servers are vulnerable to this defect.  Additionally, exposure is not prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling, before checks enforcing those boundaries.
All versions of BIND 9 from BIND 9.1.0 (inclusive) through BIND 9.9.7-P1 and BIND 9.10.2-P2 are vulnerable.
Operators should take steps to upgrade to a patched version as soon as possible.
CVSS Score: 7.8
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Workarounds: None.
Active exploits: None known.
Solution: Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from:
- http://www.isc.org/downloads
    BIND 9 version 9.9.7-P2
    BIND 9 version 9.10.2-P3
___

- http://www.securityt....com/id/1033100
CVE Reference: CVE-2015-5477
Jul 29 2015
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.1.0 - 9.8.x, 9.9.0 - 9.9.7-P1, 9.10.0 - 9.10.2-P2 ...
Solution: The vendor has issued a fix (9.9.7-P2, 9.10.2-P3).
___

- http://www.infoworld...tware-flaw.html
Aug 3, 2015
> https://blog.sucuri....n-the-wild.html
Aug 2, 2015 - "... We can confirm that the attacks have begun... If you have not patched your DNS server, do it now.."
 

:ph34r:


Edited by AplusWebMaster, 03 August 2015 - 09:13 AM.
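
Added example (not part of the original posts or of ISC's advisories): a Python check that turns the affected and fixed version lists quoted in this thread for CVE-2015-5477 and CVE-2014-8500 into a test against a `named -v` banner. The release ordering (a < b < rc < final < -P1 < -P2), the banner format and all function names are assumptions of this example; branches are compared numerically, so 9.10 sorts after 9.9 where a plain string comparison would not.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Assumed ordering within one x.y.z: a < b < rc < final release < -P1 < -P2 ...
_STAGE_RANK = {"a": 0, "b": 1, "rc": 2, None: 3}

_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?:\.(?P<patch>\d+)(?:(?P<stage>a|b|rc)(?P<stage_n>\d+))?"  # 9.9.7, 9.9.7rc2
    r"|-ESV(?:-R\d+)?)"                                            # 9.6-ESV-R11
    r"(?:-P(?P<p>\d+))?$"                                          # -P1
)

# Affected/fixed data copied from the advisories quoted in this thread.
# "whole_branches": inclusive range of branches listed as affected in full
# (e.g. "9.1.0 -> 9.8.x"), for which the posts list no patched release.
ADVISORIES = {
    "CVE-2015-5477": {
        "whole_branches": ((9, 1), (9, 8)),
        "last_affected": ("9.9.7-P1", "9.10.2-P2"),
        "fixed": ("9.9.7-P2", "9.10.2-P3"),
    },
    "CVE-2014-8500": {
        "whole_branches": ((9, 0), (9, 8)),
        "last_affected": ("9.9.6", "9.10.1"),
        "fixed": ("9.9.6-P1", "9.10.1-P1"),
    },
}


class BindVersion(NamedTuple):
    branch: Tuple[int, int]                        # (9, 10) for 9.10.x
    release: Optional[Tuple[int, int, int, int]]   # None for -ESV releases


def parse_version(text: str) -> BindVersion:
    """Parse '9.9.7-P1' or a banner such as 'BIND 9.9.7-P1 (...)' (assumed format)."""
    parts = text.split()
    if parts and parts[0].upper() == "BIND":
        parts = parts[1:]
    token = parts[0] if parts else ""
    m = _VERSION_RE.match(token)
    if m is None:
        # Subscription (-S1) and distributor-patched version strings land here.
        raise ValueError(f"unrecognised BIND version: {token!r}")
    branch = (int(m["major"]), int(m["minor"]))
    if m["patch"] is None:
        return BindVersion(branch, None)           # ESV: only the branch is ordered
    release = (int(m["patch"]), _STAGE_RANK[m["stage"]],
               int(m["stage_n"] or 0), int(m["p"] or 0))
    return BindVersion(branch, release)


def check(cve: str, version: str) -> Tuple[bool, Optional[str]]:
    """Return (affected, fixed release to move to, or None if none is listed)."""
    adv = ADVISORIES[cve]
    v = parse_version(version)
    low, high = adv["whole_branches"]
    if low <= v.branch <= high:                    # tuple compare: (9, 10) > (9, 8)
        return True, None
    if v.release is None:
        raise ValueError("cannot order an ESV release inside a bounded range")
    for last, fix in zip(adv["last_affected"], adv["fixed"]):
        bound = parse_version(last)
        if v.branch == bound.branch:
            # Anything in the branch up to the last affected release counts,
            # including pre-releases of x.y.0 (a conservative assumption).
            affected = v.release <= bound.release
            return affected, (fix if affected else None)
    return False, None                             # branch not covered by the advisory


if __name__ == "__main__":
    # Constructed sample inputs, not captured from a real server.
    for sample in ("BIND 9.9.7-P1", "9.9.7-P2", "9.10.2-P2", "9.6-ESV-R11", "9.9.7rc2"):
        print(sample, check("CVE-2015-5477", sample))
```

Distribution packages, such as the Ubuntu and Debian bind9 updates listed earlier in the thread, backport fixes without moving to the upstream release number, so their version strings are rejected here and need checking against the distributor's advisory instead.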
