This post was originally published on this site is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Back in 2000, a bug crept into the Internet Systems Corporation’s BIND server, and it lay unnoticed until now.

The result: if you’re running a vulnerable version of BIND and using DNSSEC, you need to patch the server against a denial-of-service vulnerability.

The venerable BIND is the world’s most-used Domain Name System (DNS) software.

The vulnerability, disclosed on January 16th, is in the named (name daemon): “Improper sequencing during cleanup can lead to a use-after-free error, triggering an assertion failure and crash in named”, the advisory states.

The error is in the netaddr.c library in the daemon.

Disabling DNSSEC validation provides a workaround, but the advisory says all versions since BIND 9.0.0 (released in 2000) need to be patched.

The issue is most serious for “versions 9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1”.

“No known active exploits but crashes due to this bug have been reported by multiple parties”, the advisory continues.

Jayachandran Palanisamy of Cygate identified the bug. ®

Sponsored: Minds Mastering Machines – Call for papers now open

At L Technology Group, we know technology alone will not protect us from the risks associated with in cyberspace. Hackers, Nation States like Russia and China along with “Bob” in HR opening that email, are all real threats to your organization. Defending against these threats requires a new strategy that incorporates not only technology, but also intelligent personnel who, eats and breaths cybersecurity. Together with proven processes and techniques combines for an advanced next-generation security solution. Since 2008 L Technology Group has develop people, processes and technology to combat the ever changing threat landscape that businesses face day to day.

Call Toll Free (855) 999-6425 for a FREE Consultation from L Technology Group,