The Inquirer-Home

Mysterious flaw crashes Bind 9 DNS servers

Get patching people
Thu Nov 17 2011, 14:06

AN UNEXPLAINED ZERO DAY vulnerability is causing Bind 9 DNS servers to crash and triggering service interruptions for domain name servers.

An urgent security advisory from the Internet Systems Consortium (ISC) rates the situation as critical, suggesting that organisations should patch it as soon as possible.

"Affected servers crashed after logging an error in query.c with the following message: 'INSIST(! dns_rdataset_isassociated(sigrdataset))' Multiple versions were reported being affected, including all currently supported release versions of ISC BIND 9,12," says the advisory.

The ISC added that it is "actively investigating the root cause" and has produced patches that can be added to mitigate the risks, however it is calling it an "as-yet unidentified network event", and as yet has not found a definite cause.

Mark Stockley at security firm Sophos said that the event has all the hallmarks of a denial of service vulnerability being exploited in-the-wild.

Until the ICS fully resolves the situation its patch will prevent the cache from returning the inconsistent data and prevents crashes if it detects it has been given an inconsistent answer of this nature. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Internet of Things at Christmas poll

Which smart device are you hoping Santa brings?