Bobcares

Fix for DoS vulnerability in BIND DNS service


On 28th July, the Internet Systems Consortium announced a critical vulnerability (CVE-2015-5477) in all BIND DNS server versions from 9.1.0 to 9.9.7-P1 and 9.10.2-P2. It allows a remote attacker to exploit an error in the handling of TKEY queries to launch a Denial of Service (DoS) attack that causes the BIND DNS server to crash. If your cPanel/WHM, Odin Plesk or DirectAdmin servers are not patched, you should consider them vulnerable.

How to fix it?

There is no workaround to bypass this vulnerability. The only solution is to apply the patch that fixes CVE-2015-5477. All major Linux vendors have already released patches for this.

Fix in RedHat and CentOS servers

Run the command below, assuming you are already current on all your other system software.

# yum update bind

For CentOS, you will need to enable the Continuous Release (CR) repository to get this patch. Here’s how to install and enable the CR repo, and then update BIND.

# yum install centos-release-cr
# yum-config-manager --enable cr
# yum update bind

Once this is done, you can disable the CR repo with:

# yum-config-manager --disable cr

Fix in Debian and Ubuntu servers

Run the command:

# apt-get install bind9

Fix in OpenSUSE servers

Run the command:

# zypper update bind
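
To confirm that the update actually delivered the fix, the following added example (not part of the original article) searches the installed package's changelog for CVE-2015-5477. It assumes the vendor lists the CVE id in the package changelog and that Debian/Ubuntu keep the bind9 changelog at the standard path shown; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article): check the installed BIND
# package changelog for the CVE-2015-5477 fix after running the update.
CVE="CVE-2015-5477"

# Reads changelog text on stdin and prints one of two verdicts.
fix_status() {
    if grep -q -i -- "$CVE"; then
        echo "fix-listed"
    else
        echo "fix-not-listed"
    fi
}

# Prints the changelog of the packaged BIND, or returns 2 if none is found
# (for example when BIND was custom compiled).
bind_changelog() {
    if command -v rpm >/dev/null 2>&1 && rpm -q bind >/dev/null 2>&1; then
        rpm -q --changelog bind            # RedHat, CentOS, OpenSUSE
    elif [ -r /usr/share/doc/bind9/changelog.Debian.gz ]; then
        # Assumed standard Debian/Ubuntu changelog location for bind9.
        zcat /usr/share/doc/bind9/changelog.Debian.gz
    else
        return 2
    fi
}

# Combines both steps into a single report line.
report_bind_status() {
    if log=$(bind_changelog); then
        echo "bind: $(printf '%s\n' "$log" | fix_status)"
    else
        echo "bind: no packaged BIND found, check the version manually"
    fi
}

# Run the live check only when asked, e.g.: sh check_bind.sh --report
if [ "${1:-}" = "--report" ]; then
    report_bind_status
fi
```

A `fix-not-listed` result after the update means the installed package does not advertise the fix in its changelog and should be checked against the vendor's advisory.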

If your cPanel/WHM, Odin Plesk or DirectAdmin servers are not up-to-date, and you are unable to run a normal package upgrade, you may need to custom compile BIND to the latest version.