New BIND vulnerability CVE-2011-4313

2011-11-16 - News - Chris Thompson

ISC have issued the BIND advisory

It concerns a bug, thought to be a remotely exploitable, that crashes recursive nameservers, and they have provided new BIND versions (9.4-ESV-R5-P1, 9.6-ESV-R5-P1, 9.7.4-P1, 9.8.1-P1) which are proof against crashing from this cause, although the precise sequence of events that leads to it remains obscure.

Although we are not aware of any local nameservers that have been affected by this problem, several other sites have been badly affected in the last 24 hours.

The CUDN central recursive nameservers at & are now running BIND 9.8.1-P1.