A defect in BIND's handling of a DNAME answer was fixed in a critical update from the Internet Systems Consortium (ISC) several days ago. This defect affects all BIND recursive servers, and can be exploited to remotely take down recursive servers by sending a simple DNAME answer thereby causing a denial of service (DoS.) This potential DoS vulnerability is caused by an assertion failure in Resolver.c or Db.c when caching the DNS response with DNAME Record. In this post we will examine the underlying code and expose the root cause of this... [Read More]
by RSS Dehui Yin  |  Nov 08, 2016  |  Filed in: Security Research
Last week, the Internet Systems Consortium (ISC) released a critical update to its popular software, BIND. BIND is almost everywhere on the Internet, acting as a DNS name server. DNS is a network service used to translate human-readable domain names to numeric identifiers called IP addresses and vice-versa. The update was in response to a recently discovered DoS vulnerability (CVE-2015-5477), which can be exploited to take down the vulnerable BIND server remotely. ISC released an urgent patch for this vulnerability due to its severity. Only... [Read More]
by RSS Dehui Yin  |  Aug 12, 2015  |  Filed in: Security Research