http://www.computerworld.com/article/2955005/security/critical-bind-denialofservice-flaw-could-disrupt-large-portions-of-the-internet.html
By Lucian Constantin
IDG News Service
July 30, 2015
Attackers could exploit a new vulnerability in BIND, the most popular
Domain Name System (DNS) server software, to disrupt the Internet for many
users.
The vulnerability affects all versions of BIND 9, from BIND 9.1.0 to BIND
9.10.2-P2, and can be exploited to crash DNS servers that are powered by
the software.
The Domain Name System is the Internet's phone book. It's used to convert
domain and host names into numerical Internet Protocol (IP) addresses that
computers need to communicate with each other. The DNS is made up of a
global network of servers and a very large number of them run BIND, a
software package developed and maintained by a nonprofit corporation
called the Internet Systems Consortium (ISC).
The vulnerability, announced and patched by ISC Tuesday, is critical
because it can be used to crash both authoritative and recursive DNS
servers with a single packet.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
