How to fix for DoS vulnerability in BIND DNS service? Linux
BIND DNS servers versions 9.1.0 to 9.9.7-P1 and 9.10.2-P2 allow a remote attacker to exploit an error in handling TKEY queries to launch a Denial of Service DoS vulnerability in BIND DNS service, server crashing.
You should consider patching if the cPanel/WHM, Odin Plesk, or DirectAdmin servers are not patched.
There is no workaround to bypass this vulnerability. The only solution is to apply the patch to fix it. All major Linux vendors have already released patches for this vulnerability.
Run the below command
# yum update bind
Enable Continuous Release (CR) Repository to get this patch. To Install and enable CR repo and update the BIND, the following commands need to be executed –
# yum install centos-release-cr
# yum-config-manager –enable cr
# yum update bind
To disable the CR repo, execute the following command
# yum-config-manager –disable cr
Debian and Ubuntu Servers
# apt-get install bind9
OpenSUSE servers
# zypper update bind
If you are unable to run a normal package upgrade in cPanel/WHM, Odin Plesk or DirectAdmin servers, you need to custom compile BIND to the latest version
At Velan, our server support engineers can help you fix DoS vulnerability in BIND DNS service issue. For details, please visit Managed IT Support Services
Categories
- Applications (5)
- Magento (1)
- Cloud (19)
- AWS (17)
- Google Drive (1)
- Office365 (1)
- Database (4)
- DNS (2)
- Cloudflare (2)
- Zone Lockdown (1)
- Cloudflare (2)
- Linux (42)
- DirectAdmin (1)
- Server (40)
- Core (10)
- cPanel / WHM (6)
- Dockers (3)
- Security (7)
- zimbra (1)
- SSL (1)
- PHP (1)
- Windows (14)
- Windows Server (1)
- IIS (1)
- Application Pool (1)
- IIS (1)
Credentials
