1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

BIND DNS Server 9.8.3-P1

Discussion in 'Plesk 11.x for Windows' started by markc1, Dec 9, 2012.

  1. markc1

    markc1 New Pleskian

    12
    85%
    Joined:
    May 30, 2011
    Messages:
    9
    Likes Received:
    0
    seems like an exploit can take down the service can we get an update for this on plesk panel. I have had a few trying to exploit this and it does lock up and cause 100% cpu and many php-cgi.exe open

    http://www.h-online.com/open/news/item/BIND-DNS-server-updates-close-critical-hole-1727232.html

    as seen The Internet Systems Consortium (ISC) is warning users of a critical vulnerability in the free BIND DNS server that can be exploited by an attacker to cause a denial-of-service (DoS) condition.

    According to the ISC, the security issue (CVE-2012-5166) is caused by a problem when processing a specially crafted combination of resource records (RDATA). When loaded, this data can cause a name server to lock up. The ISC says that, when this happens, normal functionality can only be restored by terminating and restarting the named daemon.

    Affected versions include 9.2.x to 9.6.x, 9.4-ESV to 9.4-ESV-R5-P1, 9.6-ESV to 9.6-ESV-R7-P3, 9.7.0 to 9.7.6-P3, 9.8.0 to 9.8.3-P3 and 9.9.0 to 9.9.1-P3. The ISC notes that while versions 9.2, 9.3, 9.4 and 9.5 of BIND are vulnerable, these branches are considered to be "end of life" (EOL) and are no longer updated. Upgrading to 9.7.7, 9.7.6-P4, 9.6-ESV-R8, 9.6-ESV-R7-P4, 9.8.4, 9.8.3-P4, 9.9.2 or 9.9.1-P4 corrects the problem. Alternatively, as a workaround, users can set the "minimal-responses" option to "yes" in order to prevent the lockup.

    The ISC says that it currently knows of no active exploits. The new releases are available from the ISC's downloads page; all users are advised to update to the latest versions.
     
    Last edited: Dec 9, 2012
  2. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,546
    Likes Received:
    1,240
    Location:
    Novosibirsk, Russia
    We have already submitted request to Security Team regarding this issue. Current workaround is upgrade to 9.8.4-P1 version or higher.
     
Loading...