
Bind9 Zero Day exploit : CVE-2011-4313

For those who use BIND:

Quote:

It is a worldwide request, there were already several attacks on major big DNS systems. If the attack is successful then your DNS server does not serve any requests anymore so all your hosted domains will be unreachable.

CentOS 4: yum update bind
CentOS 5: yum update bind

CentOS 6: The new bind package is in the CR repo

BIND 9 Resolver crashes after logging an error in query.c
Summary:
Organizations across the Internet reported crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crashed after logging an error in query.c with the following message: "INSIST)". Multiple versions were reported being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and has produced patches which prevent the crash. Further information will be made available soon.

CVE: CVE-2011-4313
Document Version: 1.2.1
Posting date: 16 Nov 2011
Program Impacted: BIND
Versions affected: 9.4-ESV (all), 9.6-ESV (all), 9.7 (all), 9.8 (all)
Severity: Serious
Exploitable: Remotely
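
To check whether a resolver has already hit the crash the advisory describes, the script below scans a syslog file for INSIST failures that named logged from query.c. It is an added example, not part of the original post or of ISC's advisory; the assumed syslog line layout, the function names and the sample log lines are all constructed for illustration.

```shell
#!/bin/sh
# Added example: look for the crash signature the advisory describes,
# an INSIST assertion failure that named logs from query.c.

# Assumed layout: "named[PID]: [category: severity: ]query.c:LINE: INSIST(...) failed"
SIG='named\[[0-9]+\]: (.*: )?query\.c:[0-9]+: INSIST\(.*\) failed'

# Constructed sample log; host, PIDs, line numbers, version and the
# assertion text are placeholders, not values from a real server.
sample_log() {
cat <<'EOF'
Nov 16 10:02:11 ns1 named[2211]: client 192.0.2.10#53124: query: example.com IN A +
Nov 16 10:02:12 ns1 named[2211]: query.c:1234: INSIST(placeholder_condition) failed
Nov 16 10:02:12 ns1 named[2211]: exiting (due to assertion failure)
Nov 16 10:05:40 ns1 named[2299]: starting BIND 9.7.3
Nov 16 11:17:03 ns1 named[2299]: general: critical: query.c:1234: INSIST(placeholder_condition) failed, back trace
Nov 16 11:17:04 ns1 named[2299]: zone.c:99: REQUIRE(placeholder_condition) failed
EOF
}

# Print the log lines on stdin that match the signature.
find_query_insist() { grep -E "$SIG"; }

# Print how many lines match (grep -c exits 1 on zero hits, hence "|| true").
count_query_insist() { grep -E -c "$SIG" || true; }

# Print the distinct named PIDs that logged the assertion, one per line.
crashed_pids() {
    find_query_insist | sed -E 's/.*named\[([0-9]+)\].*/\1/' | sort -u
}

# Summarise a log read from stdin.
report() {
    log=$(cat)
    echo "query.c INSIST failures: $(printf '%s\n' "$log" | count_query_insist)"
    printf '%s\n' "$log" | crashed_pids | while read -r pid; do
        echo "  named pid $pid hit the assertion; confirm the bind update is installed"
    done
}

# Scan the file given as $1, or the constructed sample when none is given.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
    report < "$1"
else
    sample_log | report
fi
```

Pass the log path as the first argument; each distinct PID in the output corresponds to one named process that logged the assertion.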