BannerPortlet

Blogs

General Information

Bind is an open source DNS server software used by Linux and Windows system. On July 27th 2009, the exploit code of a vulnerability in Bind was published allowing hackers to attack and exit domain resolution service of Bind.


Publishing date

Affected Software

Severity

27/07/2009

Bind 9.4 (Linux and Windows)

Bind 9.5 (Linux and Windows)

Bind 9.6 (Linux and Windows)

High

Technical Details

Dynamic Updates is a protocol of DNS (rfc2136) that allows adding and deleting information on domain name records on DNS server. The recently vulnerability is found in the module handling this protocol of Bind.

Here comes the basic format of a Dynamic Updates message:

      +---------------------+

      |        Header       | 

      +---------------------+

      |         Zone        | Zone (domain name) that needs updating.

      +---------------------+

      |     Prerequisite    |  Does the record exist?

      +---------------------+

      |        Update       |  Change or delete the record?

      +---------------------+

      |   Additional Data   |  

      +---------------------+

Error occurs when Bind processes the Prerequisite field of the above message. More precisely, providing that the domain name record exists on the DNS server and its type as indicated in Prerequisite field is “ANY”, two badly-written lines of code of Bind will terminate the process and Bind thereafter is no longer able to satisfy subsequent domain name resolution requests.

Taking advantage of this vulnerability, hackers could easily perform denial of service (DOS) attack against DNS server that uses Bind, which might cause serious effect as DNS is the most important service on the Internet.

Solution

Rating this vulnerability critical, Bkis recommends that administrators and organizations providing DNS service using Bind update Bind to the latest version here.

 Bkis Security

Leave a Reply

Name (required)
Mail (hidden) (required)
Website
Text to Identify
Reload-Capcha
CAPTCHA Code *

Popup Date Time Portlet

Blogs Aggregator

Blog Category Portlet

Categories

Store Portlet

Archives

Vote Baby Portlet