Security Update:The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND)
Date and Time
The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND).
Advanced Users: For a complete description of the vulnerabilities visit:
- CVE-2018-5743: Limiting simultaneous TCP clients is ineffective at: https://kb.isc.org/docs/cve-2018-5743
- CVE-2019-6467: An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c at: https://kb.isc.org/docs/cve-2019-6467
- CVE-2019-6468: BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used at: https://kb.isc.org/docs/cve-2019-6468
For affected systems, please refer to the CVEs listed above.
WHAT'S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition.
WHAT DO I NEED TO DO?
Users and administrators are encouraged to review the above CVEs and apply the necessary updates.
- IT Security at http://it.ucsf.edu/security