Denial of Service Vulnerability in ISC BIND

Post author:ujwala redekar
Post published:August 29, 2021
Post category:Cyber Security
Post comments:0 Comments

Original Issue Date :August 27, 2021

Severity Rating: HIGH

Software Affected

ISC Bind versions9.16.19, 9.17.16

ISC Bind versions 9.16.19-S1

Overview

A vulnerability have been reported in ISC BIND which could allow a remote attacker to cause denial of service conditions on the targeted system.

Description

This vulnerability exist in ISC BIND due to a strict assertion check when named attempts to respond over UDP with a response that is larger than the current effective interface maximum transmission unit (MTU). A remote attacker could exploit this vulnerability to trigger a failed assertion check and terminate the named process.

Successful exploitation of this vulnerability could allow a remote attacker to cause denial of service conditions on the targeted system.

Solution

Update to the latest versions as available at the following URL:

https://www.isc.org/download/

Vendor Information

ISC

https://kb.isc.org/docs/cve-2021-25218

References

https://security-tracker.debian.org/tracker/CVE-2021-25218

CVE Name

CVE-2021-25218

Disclaimer

The information provided herein is on “as is” basis, without warranty of any kind.

Please Share This Share this content

You Might Also Like

Fake COVID vaccine registration App

Shield your Child from Cyber Crime

Multiple Vulnerabilities in Red Hat JBoss Core Services

Leave a Reply Cancel reply

Share this content