Updates released this week by the Internet Systems Consortium (ISC) for the DNS software BIND address two vulnerabilities, including a new high-severity issue that can be exploited remotely.
BIND 9.9.9-P3, 9.10.4-P3 and 9.11.0rc3 patch a previously undisclosed denial-of-service (DoS) flaw that can be exploited using specially crafted DNS request packets. The security hole, tracked as CVE-2016-2776, was uncovered by the ISC and affects all servers that can receive request packets from any source.
Leave a reply
