Version 9 of the bind name prior to version 9.2.1 contain a denial of service vulnerability.
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. Versions of BIND 9 prior to 9.2.1 have a bug that causes certain requests to the BIND name server (named) to fail an internal consistency check, causing the name server to stop responding to requests. This can be used by a remote attacker to cause a denial of service (DOS) attack against name servers. Red Hat Linux 7.1, 7.2 and 7.3 shipped with versions of BIND vulnerable to this issue. All users of BIND are advised to upgrade to the errata packages containing BIND 9.2.1 which is not vulnerable to this issue.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center