BIND 9 Update fixing CVE-2013-3919
Today BIND9 received an update fixing a "recursive resolver with a RUNTIME_CHECK error in resolver.c" [1]. Affected versions are BIND 9.6-ESV-R9, 9.8.5, and 9.9.3. The CVSS score for this one is 7.8 [1,2].
To quote isc.org:
"At the time of this advisory no intentional exploitation of this bug has been observed in the wild. However, the existence of the issue has been disclosed on an open mailing list with enough accompanying detail to reverse engineer an attack and ISC is therefore treating this as a Type II (publicly disclosed) vulnerability, in accordance with our Phased Disclosure Process."
It is time to review those BIND9 servers and start the process of patching.
[1] https://kb.isc.org/article/AA-00967
[2] http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Richard Porter
--- ISC Handler on Duty
Comments
Beave
Jun 10th 2013
1 decade ago
21x from 117.135.144.125
20x from 222.186.26.115
19x from 60.28.246.143
Since DNS is a stateless protocol, wouldn't it be easier to just try an exploit than to do a version check first?
I can't imagine CVE-2013-3919 (a mere DoS) being all that interesting to someone doing widespread scans - you would usually have a specific target for that - so maybe this relates to something older?
Steven Chamberlain
Jun 11th 2013
1 decade ago