Security Alert (A19-06-07): Vulnerability in ISC BIND


 

Published on: 21 June 2019

  
  

Description:

A vulnerability was found in the ISC BIND software. A remote attacker could send specially crafted queries to trigger an assertion failure which could cause the BIND to exit.

 

Affected Systems:

  • BIND 9.11.0 to 9.11.7
  • BIND 9.11.3-S1 to 9.11.7-S1
  • BIND 9.12.0 to 9.12.4-P1
  • BIND 9.13.x
  • BIND 9.14.0 to 9.14.2
  • BIND 9.15.0

 

Impact:

Successful exploitation could lead to a denial of service condition on an affected system.

 

Recommendation:

Internet Systems Consortium (ISC) has released the following patches to solve the problem:

  • BIND 9.11.8
  • BIND 9.11.8-S1
  • BIND 9.12.4-P2
  • BIND 9.14.3
  • BIND 9.15.1

http://www.isc.org/downloads/

 

More Information:

https://kb.isc.org/docs/cve-2019-6471
https://www.hkcert.org/my_url/en/alert/19062101
https://www.us-cert.gov/ncas/current-activity/2019/06/19/ISC-Releases-BIND-Security-Updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471

 



Tag: BIND , ISC
Tags