{"id":4744,"date":"2009-07-28T13:33:04","date_gmt":"2009-07-28T20:33:04","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=4744"},"modified":"2020-05-06T10:31:47","modified_gmt":"2020-05-06T17:31:47","slug":"new-ddos-vulnerability-in-bind-9","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/","title":{"rendered":"New DDoS Vulnerability in BIND 9"},"content":{"rendered":"<p>In case you haven&#8217;t seen the news yet,\u00a0<a href=\"http:\/\/www.kb.cert.org\/vuls\/id\/725188\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">there&#8217;s a serious new vulnerability in BIND 9<\/a>. A carefully tailored dynamic update can crash your BIND 9 name server. Administrators of BIND 9 name servers &#8211; even those that don&#8217;t allow dynamic updates &#8211; are advised to upgrade immediately, as exploits are already public. You can find more information on\u00a0<a href=\"https:\/\/www.isc.org\/node\/474\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ISC&#8217;s web site<\/a>. ISC has released BIND 9.6.1-P1, 9.5.1-P3 and 9.4.3-P3 to address the vulnerability.<\/p>\n<p>If you&#8217;re concerned that your name server might have been the target of such an attack, examine your syslog output for lines like this:<\/p>\n<pre><code>db.c:659: REQUIRE(type != ((dns_rdatatype_t)dns_rdatatype_any)) failed\r\n  exiting (due to assertion failure). <\/code><\/pre>\n<p>These indicate that your name server crashed, likely because of this vulnerability.<\/p>\n<p>More tomorrow.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In case you haven&#8217;t seen the news yet,\u00a0there&#8217;s a serious new vulnerability in BIND 9. A carefully tailored dynamic update can crash your BIND 9 name server. Administrators of BIND 9 name servers &#8211; even those that don&#8217;t allow dynamic updates &#8211; are advised to upgrade immediately, as exploits are already public. You can find [&hellip;]<\/p>\n","protected":false},"author":178,"featured_media":2626,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[108,30,16,15],"class_list":{"0":"post-4744","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-bind","9":"tag-dns","10":"tag-infoblox","11":"tag-security","12":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>New DDoS Vulnerability in BIND 9<\/title>\n<meta name=\"description\" content=\"In case you haven&#039;t seen the news yet, there&#039;s a serious new vulnerability in BIND 9.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New DDoS Vulnerability in BIND 9\" \/>\n<meta property=\"og:description\" content=\"In case you haven&#039;t seen the news yet, there&#039;s a serious new vulnerability in BIND 9.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2009-07-28T20:33:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T17:31:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/image001-4.png\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Cricket Liu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Cricket Liu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/\"},\"author\":{\"name\":\"Cricket Liu\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/bb6b62b1b99a7cbcd7c528d5763778d5\"},\"headline\":\"New DDoS Vulnerability in BIND 9\",\"datePublished\":\"2009-07-28T20:33:04+00:00\",\"dateModified\":\"2020-05-06T17:31:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/\"},\"wordCount\":119,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/image001-4.png\",\"keywords\":[\"BIND\",\"DNS\",\"Infoblox\",\"Security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/\",\"name\":\"New DDoS Vulnerability in BIND 9\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/image001-4.png\",\"datePublished\":\"2009-07-28T20:33:04+00:00\",\"dateModified\":\"2020-05-06T17:31:47+00:00\",\"description\":\"In case you haven't seen the news yet, there's a serious new vulnerability in BIND 9.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/image001-4.png\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/image001-4.png\",\"width\":660,\"height\":454,\"caption\":\"Using the Infoblox IPAM Driver for Docker\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/new-ddos-vulnerability-in-bind-9\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New DDoS Vulnerability in BIND 9\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/bb6b62b1b99a7cbcd7c528d5763778d5\",\"name\":\"Cricket Liu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/cricket-new-96x96.jpg\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/cricket-new-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/cricket-new-96x96.jpg\",\"caption\":\"Cricket Liu\"},\"description\":\"Cricket is one of the world\u2019s leading experts on the Domain Name System (DNS) and serves as the liaison between Infoblox and the DNS community. Before joining Infoblox, he founded an internet consulting and training company, Acme Byte &amp; Wire, after running the hp.com domain at Hewlett-Packard. Cricket is a prolific speaker and author, having written a number of books including \u201cDNS and BIND,\u201d one of the most widely used references in the field, now in its fifth edition.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/cricket-liu\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"New DDoS Vulnerability in BIND 9","description":"In case you haven't seen the news yet, there's a serious new vulnerability in BIND 9.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/","og_locale":"en_US","og_type":"article","og_title":"New DDoS Vulnerability in BIND 9","og_description":"In case you haven't seen the news yet, there's a serious new vulnerability in BIND 9.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/","og_site_name":"Infoblox Blog","article_published_time":"2009-07-28T20:33:04+00:00","article_modified_time":"2020-05-06T17:31:47+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/image001-4.png","type":"image\/png"}],"author":"Cricket Liu","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Cricket Liu","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/"},"author":{"name":"Cricket Liu","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/bb6b62b1b99a7cbcd7c528d5763778d5"},"headline":"New DDoS Vulnerability in BIND 9","datePublished":"2009-07-28T20:33:04+00:00","dateModified":"2020-05-06T17:31:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/"},"wordCount":119,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/image001-4.png","keywords":["BIND","DNS","Infoblox","Security"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/","url":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/","name":"New DDoS Vulnerability in BIND 9","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/image001-4.png","datePublished":"2009-07-28T20:33:04+00:00","dateModified":"2020-05-06T17:31:47+00:00","description":"In case you haven't seen the news yet, there's a serious new vulnerability in BIND 9.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/image001-4.png","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/image001-4.png","width":660,"height":454,"caption":"Using the Infoblox IPAM Driver for Docker"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/new-ddos-vulnerability-in-bind-9\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"New DDoS Vulnerability in BIND 9"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/bb6b62b1b99a7cbcd7c528d5763778d5","name":"Cricket Liu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/cricket-new-96x96.jpg","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/cricket-new-96x96.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/cricket-new-96x96.jpg","caption":"Cricket Liu"},"description":"Cricket is one of the world\u2019s leading experts on the Domain Name System (DNS) and serves as the liaison between Infoblox and the DNS community. Before joining Infoblox, he founded an internet consulting and training company, Acme Byte &amp; Wire, after running the hp.com domain at Hewlett-Packard. Cricket is a prolific speaker and author, having written a number of books including \u201cDNS and BIND,\u201d one of the most widely used references in the field, now in its fifth edition.","url":"https:\/\/www.infoblox.com\/blog\/author\/cricket-liu\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/4744","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/178"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=4744"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/4744\/revisions"}],"predecessor-version":[{"id":4745,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/4744\/revisions\/4745"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2626"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=4744"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=4744"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=4744"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}