3 May 2021

ISC recommends updating DNS servers to fix new BIND vulnerabilities


ISC recommends updating DNS servers to fix new BIND vulnerabilities

The Internet Systems Consortium (ISC) has released an advisory that warnings about new vulnerabilities affecting DNS systems. Three vulnerabilities impact an open source project ISC Berkeley Internet Name Domain (BIND) 9, widely used as a DNS system. By exploiting any of these bugs an attacker can cause widespread disruption to the services.

CVE-2021-25216 is a remote buffer overflow vulnerability. A threat actor can launch an attack against  GSSAPI security policy negotiation mechanism for the GSS-TSIG protocol in BIND and potentially gain an ability to further cause crashes and perform remote code execution. This vulnerability has been issued a CVSS severity score of 8.1 (32-bit) or 7.4 (64-bit).

It’s worth noting that under configurations using default BIND settings vulnerable code paths are not exposed. They are exposed when a server's values (tkey-gssapi-keytab/tkey-gssapi-credential) are set.

The second bug (CVE-2021-25215) exists because of the way DNAME records are processed. By exploiting it remote attacker can cause process crashes due to failed assertions. CVSS score of 7.5 was assigned to this vulnerability.

The third flaw (CVE-2021-25214) impacts an incremental zone transfers (IXFR). An attacker can send a malformed IXFR to a named server and cause the named process to crash due to a failed assertion. CVSS score of 6.5 has been issued for this vulnerability.

The ISC is not aware of any active exploits for any of these vulnerabilities. It is highly recommended to deploy versions BIND 9.11.31, 9.16.15, and 9.17.12 which contain patches for all three bugs.

Back to the list

Latest Posts

New LV ransomware is actually a tweaked REvil’s binary, researchers say

New LV ransomware is actually a tweaked REvil’s binary, researchers say

An analysis of the LV ransomware binary revealed that LV is a modified version of the REvil 2.03 beta binary.
24 June 2021
MITRE introduces D3FEND framework for tailoring defenses against cyber threats

MITRE introduces D3FEND framework for tailoring defenses against cyber threats

Funded by the US National Security Agency, the D3FEND framework is still in the experimental research phase.
24 June 2021
The European Commission proposes a joint security unit to counter “serious cyber incidents”

The European Commission proposes a joint security unit to counter “serious cyber incidents”

The Joint Cyber Unit will be operational by June 2022 and should be fully established by 2023.
24 June 2021