[ISN] Critical BIND denial-of-service flaw could disrupt large portions of the Internet

http://www.computerworld.com/article/2955005/security/critical-bind-denialofservice-flaw-could-disrupt-large-portions-of-the-internet.html By Lucian Constantin IDG News Service July 30, 2015 Attackers could exploit a new vulnerability in BIND, the most popular Domain Name System (DNS) server software, to disrupt the Internet for many users. The vulnerability affects all versions of BIND 9, from BIND 9.1.0 to BIND 9.10.2-P2, and can be exploited to crash DNS servers that are powered by the software. The Domain Name System is the Internet’s phone book. It’s used to convert domain and host names into numerical Internet Protocol (IP) addresses that computers need to communicate with each other. The DNS is made up of a global network of servers and a very large number of them run BIND, a software package developed and maintained by a nonprofit corporation called the Internet Systems Consortium (ISC). The vulnerability, announced and patched by ISC Tuesday, is critical because it can be used to crash both authoritative and recursive DNS servers with a single packet. […]