The Internet Systems Consortium (ISC) recently released a security patch for Bind, a domain name system (DNS) server used by websites and hosting services.
It fixed an issue in Bind which allowed attackers to crash it, which could make a website unreachable to visitors.
DNS resolves a domain name, such as mybroadband.co.za, into the IP address of the server where the associated website or service is located.
Security vendor Sucuri explained that DNS is a critical part of Internet infrastructure. If you knock the name servers of a domain offline, e-mail, HTTP, and other services linked to that domain will be unavailable.
The vulnerability exists because of the way Bind handles TKEY queries. According to Sucuri, a single UDP packet can trigger an assertion failure, causing the DNS daemon to exit.
Although the ISC released a patch along with security advisory CVE–2015–5477, sites remain unpatched.
It said patches are available for all major Linux distributions, and can be installed with commands (“yum update” on Red Hat/Centos and “apt-get update” on Debian-based systems).
Sucuri said those who run their own DNS servers must look for any type of TKEY request in their DNS logs to see if they are being targeted.