The Internet Systems Consortium (ISC) announced this week that updates released for the DNS software BIND patch several denial-of-service (DoS) vulnerabilities that can be exploited remotely.
BIND versions 9.9.9-P8, 9.10.4-P8 and 9.11.0-P5 address three new security holes that could lead to an assertion failure.
The most serious of the flaws, with a “high” severity rating and a CVSS score of 7.5, is CVE-2017-3137. The vulnerability allows an attacker to cause a DoS condition, and it mainly affects recursive resolvers, but authoritative servers could also be vulnerable if they perform recursion.
