Upgrade your DNS: BIND 9 DNS Vulnerability / DDoS Attack
There's a new exploit for BIND 9 that will allow a remote attacker to shut down your DNS servers.
The exploit is in the wild, and all versions are affected.
There is a patch / upgrade available.
Text from www.isc.org:
Redwood City, California -- July 28, 2009 -- ISC has published new releases of all current versions of BIND 9 in response to CERT Vulnerability Note VU#725188. See this ISC Security Advisory for details and instructions for downloading these releases.
An exploit of this vulnerability was made public at the same time the vulnerability was announced, which makes it especially important to upgrade.
Receipt of a specially-crafted dynamic update message may cause BIND 9 servers to exit. This vulnerability affects all servers -- it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround.
Some sites may have firewalls that can be configured with packet filtering techniques to prevent nsupdate messages from reaching their nameservers.
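The packet-filtering idea above, as an added example that is not part of the ISC text or the original post: dynamic update (nsupdate) messages carry opcode 5 (RFC 2136) in the DNS header flags, so that is the field a filter in front of the nameserver has to match. The function names, verdict strings and sample headers are constructed for illustration, and dropping truncated messages is an assumption of this sketch.

```python
import struct

OPCODE_UPDATE = 5      # dynamic update opcode (RFC 2136)
DNS_HEADER_LEN = 12    # fixed-size DNS header


def dns_opcode(payload, tcp=False):
    """Return the opcode from a DNS message, or None if the header is truncated."""
    if tcp:
        # DNS over TCP puts a 2-byte length field before each message.
        payload = payload[2:]
    if len(payload) < DNS_HEADER_LEN:
        return None
    (flags,) = struct.unpack_from("!H", payload, 2)  # bytes 2-3: QR, opcode, ...
    return (flags >> 11) & 0xF


def verdict(payload, tcp=False):
    """Filter decision for one message arriving on port 53 (hypothetical policy)."""
    opcode = dns_opcode(payload, tcp)
    if opcode is None:
        return "drop-truncated"   # assumption: too short to be DNS, so drop it
    if opcode == OPCODE_UPDATE:
        return "drop-update"
    return "pass"


def make_header(opcode, qdcount=1):
    """Constructed 12-byte header only (no question or update sections)."""
    return struct.pack("!HHHHHH", 0x1234, opcode << 11, qdcount, 0, 0, 0)


# Constructed sample traffic: (description, payload, is_tcp)
SAMPLES = [
    ("standard query, UDP", make_header(0), False),
    ("dynamic update, UDP", make_header(OPCODE_UPDATE), False),
    ("dynamic update, TCP", b"\x00\x0c" + make_header(OPCODE_UPDATE), True),
    ("runt datagram", b"\x12\x34\x28", False),
]

if __name__ == "__main__":
    for name, payload, tcp in SAMPLES:
        print(f"{name:22} -> {verdict(payload, tcp)}")
```

A rule like this blocks every dynamic update, so sites that depend on nsupdate lose that function until the nameservers are upgraded.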