Bind 9 security update

Print Friendly, PDF & Email

A vulnerability in the DNS server software Bind v9 has is currently being exploited across a number of servers connected to the academic network as reported by JANET CSIRT yesterday:

http://www.ja.net/services/csirt/2011/11/17/bind-9-resolver-crashes-after-logging-an-error-in-query-c/

An emergency CAB met this morning to discuss the risk posed to the university and decided that an urgent upgrade to core name servers is required. The secondary name server irix.bris.ac.uk will be upgraded immanently and the primary around 1:30pm.

It is advisable that any DNS admin running Bind 9 should upgrade asap. The full advisory can be seen at the following link:

http://www.isc.org/software/bind/advisories/cve-2011-4313