Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Dns Security

Discussion in 'Security' started by dinho, Apr 1, 2013.

  1. dinho

    dinho Member

    Joined:
    Oct 1, 2008
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    51
    Dear

    See this news to the source



    "It has been revealed that a malicious regular expression can cause a denial-of-service of the open source BIND DNS server on Linux and Unix systems. Other programs using BIND's libdns are also potentially vulnerable to the same attack. The critical bug allows attacker to cause excessive memory consumption by the named process which could lead to the daemon using all available memory on the affected machine; this could lead to the crashing of BIND and detrimentally affect other services running on the same server.

    The problem has been reported as CVE-2013-2266 and only affects Linux and Unix versions of BIND – the flaw is not present in Windows versions of the program. Vulnerable versions include 9.7.x, 9.8.0 to 9.8.5b1 and 9.9.0 to 9.9.3b1 of BIND. Versions prior to BIND 9.7.0 are not vulnerable; BIND 10 is not affected either.

    Fixed versions of BIND have been released as BIND 9.9.2-P2 and 9.8.4-P2, BIND 9.7 has already reached end of life and is no longer being maintained. Applications that use BIND's libdns library are also affected and should be updated as quickly as possible. As a workaround, developers can compile libdns with regex functionality disabled.

    The Internet Systems Consortium (ISC), which maintains BIND, points out that the flaw is not very difficult to exploit and recommends immediate action by owners of named servers to ensure that their systems are not affected."


    Critical vulnerability in BIND 9 regular expression handling - The H Security: News and Features


    I wonder which version that supports cpanel, which recommends the cpanel.
    I use cpanel version 11.36
     
    #1 dinho, Apr 1, 2013
  2. Eric

    Eric Administrator Staff Member

    Joined:
    Nov 25, 2007
    Messages:
    751
    Likes Received:
    11
    Trophy Points:
    143
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Howdy,

    Bind/Named are provided from upstream operating system vendors. The latest update was provided by red hat according to https://access.redhat.com/security/cve/CVE-2013-2266 and was patched in CentOS too.

    I verified this on my Cent6 system.

    Code:
    grimlock ~ # rpm -qa --last|grep bind
bind-utils-9.8.2-0.17.rc1.el6_4.4.x86_64      Fri 29 Mar 2013 04:14:15 AM CDT
bind-devel-9.8.2-0.17.rc1.el6_4.4.x86_64      Fri 29 Mar 2013 04:14:15 AM CDT
bind-9.8.2-0.17.rc1.el6_4.4.x86_64            Fri 29 Mar 2013 04:14:15 AM CDT
bind-libs-9.8.2-0.17.rc1.el6_4.4.x86_64       Fri 29 Mar 2013 04:14:14 AM CDT
grimlock ~ # rpm -qa --changelog bind |head
* Wed Mar 27 2013 Adam Tkac <atkac redhat com> 32:9.8.2-0.17.rc1.4
- fix  CVE-2013-2266
- ship dns/rrl.h in -devel subpkg
    This command should work for CentHat5 too.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Eric, Apr 1, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - Security
  1. coursevector

    Horde Webmail Security Vulnerabilities?

    coursevector, May 23, 2019 at 3:09 PM, in forum: Security
    Replies:
    1
    Views:
    13
    cPanelLauren
    May 23, 2019 at 4:10 PM
  2. weblinks

    ModSecurity persistent IP database size alert

    weblinks, May 19, 2019 at 8:12 PM, in forum: Security
    Replies:
    1
    Views:
    93
    cPanelMichael
    May 20, 2019 at 4:10 PM
  3. Sinus Pi

    Security concern: PHP disabled while provisioning new modules

    Sinus Pi, May 17, 2019 at 12:21 PM, in forum: EasyApache
    Replies:
    2
    Views:
    110
    Sinus Pi
    May 20, 2019 at 5:35 PM
  4. webdsn

    How to force enable modsecurity for all User

    webdsn, May 15, 2019, in forum: Security
    Replies:
    3
    Views:
    121
    cPanelLauren
    May 22, 2019 at 9:02 AM
  5. QubeRoot

    Security Advisor email notifications not working?

    QubeRoot, May 9, 2019, in forum: E-mail Discussion
    Replies:
    6
    Views:
    322
    cPanelLauren
    May 14, 2019

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice