/>
X
Innovation

High-risk internet server exploit goes wild

An active Bind 9 exploit that a hacker could use to crash internet servers is in wide circulation, according to the Internet Systems Consortium.
tom-espiner.jpg
Written by Tom Espiner, Contributor on
An exploit that a hacker could use to crash internet servers is being used in the wild.

The exploit targets a vulnerability in Bind 9, the most widely used DNS server standard, warned the Internet Systems Consortium (ISC) on Tuesday. ISC is the organization that supports Bind.

The hole in Bind 9 has no workaround. Administrators must upgrade to Bind versions 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1 to mitigate the threat. The exploit, which a hacker could use to launch an attack against unpatched master servers, is easily available, warned ISC.

"An active remote exploit is in wide circulation at this time," said ISC in an advisory.

The Berkeley Internet Name Domain (Bind) is the most widely used DNS server standard. Bind 9 was coded to overcome security issues associated with Bind, and supports DNS Security Extensions, (DNSSEC), or encrypted DNS.

The Bind 9 dynamic update DOS vulnerability affects master servers for one or more zones. Receipt of a specially crafted dynamic update message may cause Bind 9 master servers to crash, said ISC.

This article was originally posted on ZDNet UK.

Editorial standards

Related

Programming languages: It's time to stop using C and C++ for new projects, says Microsoft Azure CTO
software-developer-programming-computer-language-jobs.jpg

Programming languages: It's time to stop using C and C++ for new projects, says Microsoft Azure CTO

Slow internet at home? This adapter is the key to faster wired connectivity
replace-this-image.jpg

Slow internet at home? This adapter is the key to faster wired connectivity

Meta's AI guru LeCun: Most of today's AI approaches will never lead to true intelligence
yann-lecun-crop-for-twitter-sept-2022

Meta's AI guru LeCun: Most of today's AI approaches will never lead to true intelligence