Facebook
Twitterseems like an exploit can take down the service can we get an update for this on plesk panel. I have had a few trying to exploit this and it does lock up and cause 100% cpu and many php-cgi.exe open
http://www.h-online.com/open/news/item/BIND-DNS-server-updates-close-critical-hole-1727232.html
as seen The Internet Systems Consortium (ISC) is warning users of a critical vulnerability in the free BIND DNS server that can be exploited by an attacker to cause a denial-of-service (DoS) condition.
According to the ISC, the security issue (CVE-2012-5166) is caused by a problem when processing a specially crafted combination of resource records (RDATA). When loaded, this data can cause a name server to lock up. The ISC says that, when this happens, normal functionality can only be restored by terminating and restarting the named daemon.
Affected versions include 9.2.x to 9.6.x, 9.4-ESV to 9.4-ESV-R5-P1, 9.6-ESV to 9.6-ESV-R7-P3, 9.7.0 to 9.7.6-P3, 9.8.0 to 9.8.3-P3 and 9.9.0 to 9.9.1-P3. The ISC notes that while versions 9.2, 9.3, 9.4 and 9.5 of BIND are vulnerable, these branches are considered to be "end of life" (EOL) and are no longer updated. Upgrading to 9.7.7, 9.7.6-P4, 9.6-ESV-R8, 9.6-ESV-R7-P4, 9.8.4, 9.8.3-P4, 9.9.2 or 9.9.1-P4 corrects the problem. Alternatively, as a workaround, users can set the "minimal-responses" option to "yes" in order to prevent the lockup.
The ISC says that it currently knows of no active exploits. The new releases are available from the ISC's downloads page; all users are advised to update to the latest versions.
http://www.h-online.com/open/news/item/BIND-DNS-server-updates-close-critical-hole-1727232.html
as seen The Internet Systems Consortium (ISC) is warning users of a critical vulnerability in the free BIND DNS server that can be exploited by an attacker to cause a denial-of-service (DoS) condition.
According to the ISC, the security issue (CVE-2012-5166) is caused by a problem when processing a specially crafted combination of resource records (RDATA). When loaded, this data can cause a name server to lock up. The ISC says that, when this happens, normal functionality can only be restored by terminating and restarting the named daemon.
Affected versions include 9.2.x to 9.6.x, 9.4-ESV to 9.4-ESV-R5-P1, 9.6-ESV to 9.6-ESV-R7-P3, 9.7.0 to 9.7.6-P3, 9.8.0 to 9.8.3-P3 and 9.9.0 to 9.9.1-P3. The ISC notes that while versions 9.2, 9.3, 9.4 and 9.5 of BIND are vulnerable, these branches are considered to be "end of life" (EOL) and are no longer updated. Upgrading to 9.7.7, 9.7.6-P4, 9.6-ESV-R8, 9.6-ESV-R7-P4, 9.8.4, 9.8.3-P4, 9.9.2 or 9.9.1-P4 corrects the problem. Alternatively, as a workaround, users can set the "minimal-responses" option to "yes" in order to prevent the lockup.
The ISC says that it currently knows of no active exploits. The new releases are available from the ISC's downloads page; all users are advised to update to the latest versions.
Last edited:
