it.ucsf.edu

Security Update:Internet Systems Consortium (ISC) Released a BIND Security Update to Protect Against a Denial of Service Vulnerability

Status Type

Security Update

Date and Time

Thursday, November 3, 2016 - 10:04

Reason

Security Update

Impact

BIND Users

 

WHAT HAPPENED?
The Internet Systems Consortium (ISC) has released updates that address a vulnerability in BIND.
 

Advanced Users: For a complete description of the vulnerability visit ISC Knowledge Base Article AA-01434 (CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure) at https://kb.isc.org/article/AA-01434/0.


AVAILABLE UPDATES INCLUDE:

  • BIND 9 version 9.9.9-P4
  • BIND 9 version 9.10.4-P4
  • BIND 9 version 9.11.0-P1
  • BIND 9 version 9.9.9-S6


WHAT'S THE PROBLEM?
Exploitation of the vulnerability could allow a remote attacker to cause a denial-of-service condition.


WHAT DO YOU NEED TO DO?
Users and administrators are encouraged to review the Knowledge Base Article AA-01434 (https://kb.isc.org/article/AA-01434/0) and apply the necessary updates.


RELATED LINKS