BIND 9 DoS Update: CVE-2009-0696
BIND, the Berkeley Internet Name Domain service, provides forward (authoritative) and recursive (non-authoritative) DNS lookups for the majority of the internet as we know it. A security vulnerability outlined here shows that a specially crafted packet can cause the DNS daemon to stop functioning. It is imperative that all “master” DNS servers get updated immediately. More general information on BIND can be found on their site here.
CVE Information: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0696
RHEL Bug Information: https://bugzilla.redhat.com/show_bug.cgi?id=514292
The NVD at NIST reports the following overview of this issue:
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Updating BIND on RHEL/CentOS (4/5)
Updated packages are available to ensure you are running the latest release.
Use this command to update bind on yum-based systems:
# yum -y update bind
Updating BIND on Debian / Ubuntu
# apt-get update
# apt-get upgrade
# /etc/init.d/bind9 restart
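After updating, it helps to confirm the running version is at or past the first fixed release for its branch (9.4.3-P3, 9.5.1-P3 or 9.6.1-P1, as listed in the NVD overview above). The script below is an added example, not part of the original post; it assumes the version string is in the form `named -v` prints upstream ("BIND 9.6.1-P1") and uses constructed sample strings.

```shell
#!/bin/sh
# Added example (not from the original post). Compares a BIND version string
# against the first fixed releases named in the advisory:
#   9.4.x -> 9.4.3-P3, 9.5.x -> 9.5.1-P3, 9.6.x -> 9.6.1-P1

# Turn "...9.4.3-P3..." into a sortable integer: major, then minor, patch
# and P-level as two digits each (9.4.3-P3 -> 9040303). Fails if no
# x.y.z version is present in the string.
bind_version_key() {
    ver=$(printf '%s\n' "$1" | sed -n \
        's/^.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\(-P[0-9][0-9]*\)\{0,1\}\).*$/\1/p')
    [ -n "$ver" ] || return 1
    base=${ver%%-P*}
    p=0
    case "$ver" in *-P*) p=${ver##*-P} ;; esac
    old_ifs=$IFS; IFS=.; set -- $base; IFS=$old_ifs
    printf '%d%02d%02d%02d\n' "$1" "$2" "$3" "$p"
}

# Exit 0 when the version is at or past the fix for its branch, 1 when it is
# older (vulnerable), 2 when the branch is not one the advisory covers.
bind_fixed_for_cve_2009_0696() {
    key=$(bind_version_key "$1") || return 2
    case "$key" in
        904*) fix=$(bind_version_key 9.4.3-P3) ;;
        905*) fix=$(bind_version_key 9.5.1-P3) ;;
        906*) fix=$(bind_version_key 9.6.1-P1) ;;
        *)    return 2 ;;
    esac
    [ "$key" -ge "$fix" ]
}

# Constructed sample strings; on a real host run the check against "$(named -v)".
for sample in "BIND 9.4.2" "BIND 9.5.1-P3" "BIND 9.6.1" "BIND 9.6.1-P1" "BIND 9.3.6"; do
    rc=0; bind_fixed_for_cve_2009_0696 "$sample" || rc=$?
    case $rc in
        0) status="fixed" ;;
        1) status="VULNERABLE (older than the fixed release)" ;;
        *) status="branch not covered by this advisory" ;;
    esac
    printf '%s: %s\n' "$sample" "$status"
done
```

Distribution packages such as those on RHEL/CentOS often backport the fix without moving to the upstream version, so for vendor packages rely on the package update and its changelog rather than on this version comparison alone.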