1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Bind DOS CVE-2015-5477

Attack: Bind DOS CVE-2015-5477

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a Denial Of Service vulnerability in ISC Bind.

Additional Information

The ISC Berkley Internet Name Domain (BIND) is an implementation of Domain Name System (DNS) protocols.

ISC BIND is prone to a remote denial-of-service vulnerability. Specifically, this issue occurs due to an error in the handling of TKEY queries. An attacker can exploit this issue using a specially-crafted packet to cause a REQUIRE assertion failure, making BIND to exit.

Attackers can exploit this issue to cause a denial-of-service.

Affected

  • ISC BIND 9.x before 9.9.7-P2
  • ISC BIND 9.10.x before 9.10.2-P3
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube