ISC describe DNS crash bug analysis

Published: 2011-12-05. Last Updated: 2011-12-05 23:44:42 UTC
by Stephen Hall (Version: 1)
0 comment(s)

You may recall in mid November that it was reported  that DNS resolvers across the Internet were crashing. This was classified as CVE-2011-4313.

Well, the developers of BIND at the Internet Systems Consortium have announced their findings into the issue.

They say that:

We have confirmed that it was triggered by an accidental operational error that exposed a previously unknown bug in BIND, causing an internal inconsistency which is effectively prevented by the mitigation patches we have produced and distributed.

They also highlight that this could have been exploited maliciously, so if you are running a version of BIND which is vulnerable to CVE-2011-4313 then they advise you to upgrade.

Steve Hall

ISC Handler.

Keywords: BIND DNS ISC
0 comment(s)
ISC StormCast for Tuesday, December 6th 2011 http://isc.sans.edu/podcastdetail.html?id=2173
ISC StormCast for Monday, December 5th 2011 http://isc.sans.edu/podcastdetail.html?id=2170

Comments

Login here to join the discussion.


Diary Archives