Search DNSSEC Blog


Monday, May 9, 2011

BIND Update Patches Security Flaw

The Internet Systems Consortium (ISC) recently released Update 9.8.0-P1 for its BIND DNS server, which closes a potential denial of service vulnerability.
"Signed server replies (RRSIG) can cause a BIND server to crash under certain circumstances," The H Security reports. "ISC says that the vulnerability only occurs, however, if the vulnerable server supports response policy zones (RPZs)."
"ISC says the DoS has not yet been used for actual attacks, but the firm is keeping an eye on a number of DNSSEC validators that have sent answers to the BIND server which unintentionally caused crashes," the article states.
Go to "Update for BIND server patches DoS hole" to read the details.

Source:, Retrieved on May 9th, 2011


No comments:

Post a Comment