===================================================================== CERT-Renater Note d'Information No. 2009/VULN296 _____________________________________________________________________ DATE : 29/07/2009 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running BIND 9. ====================================================================== https://www.isc.org/node/479 ______________________________________________________________________ ISC releases patched versions of BIND 9 in response to newly-discovered DNS attack Redwood City, California -- July 28, 2009 -- ISC has published new releases of all current versions BIND 9 in response to CERT Vulnerability Note VU#725188. See this ISC Security Advisory for details and instructions for downloading these releases. An exploit of this vulnerability was made public at the same time the vulnerability was announced, which makes it especially important to upgrade. Receipt of a specially-crafted dynamic update message may cause BIND 9 servers to exit. This vulnerability affects all servers – it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround. Some sites may have firewalls that can be configured with packet filtering techniques to prevent nsupdate messages from reaching their nameservers. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================