Last week the Internet Systems Consortium released a patch for a serious vulnerability in BIND, one of the most popular Domain Name Servers that’s bundled with Linux.
The incident number CVE-2015-5477 details an exploit that allows a remote, unauthenticated attacker to crash DNS servers using BIND by sending a specially crafted command. There’s no specific way to protect against the attack, other than installing the patch immediately.
A new era of tech events has begun
We’re back in New York this November for the 4th edition of our growth-focused technology event.
The attack is reportedly so trivial that a single hacker could take down large chunks of the internet in a single move. All they would need to do is simultaneously crash enough DNS servers to cause a noticeable outage and serious implications for the internet.
If you’re running a BIND DNS server, it’s important to patch as soon as possible to ensure attackers can’t take down your service.
➤ CVE-2015-5477 [ISC]
Image credit: Shutterstock