ISC BIND Cert Advisory CVE-2011-4313
On November 16, 2011, ISC announced a vulnerability that causes issues for BIND 9-based DNS resolvers (CVE-2011-4313).
All versions of BIND 9 are impacted by this defect if BIND is deployed as a recursive DNS server. When the server experiences the problem, the DNS service will exit with the following message: "INSIST(!dns_rdataset_isassociated(sigrdataset))". More information regarding CVE-2011-4313 can be found at http://www.isc.org/advisories.
This defect will impact all our customers using VitalQIP (software and/or appliances), Infoblox (native NIOS and VIM) and runIP appliances. The problem affects any BIND 9 DNS server that has recursion enabled (e.g. forwarders, environments with internal roots or DMZ-based servers performing Internet resolution).
For customers using appliance solutions, the monitoring process will automatically restart the DNS service after it detects the failure, but we recommend customers apply the appropriate patch to their system to provide a permanent fix.
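Because the monitoring process restarts the DNS service automatically, a crash can pass unnoticed unless the logs are checked. The following script is an added example, not part of the original advisory or of any vendor's tooling: it counts occurrences of the assertion message per host in syslog-style lines. The log layout, the host names and the `monitor` process name are constructed assumptions.

```python
import re
from collections import defaultdict

# Assertion text quoted in the advisory. Whitespace inside it is tolerated
# because log formatting may differ between builds (assumption).
INSIST_RE = re.compile(
    r"INSIST\(\s*!\s*dns_rdataset_isassociated\(\s*sigrdataset\s*\)\s*\)")
# Classic BSD syslog header: "Mon DD HH:MM:SS host program[pid]: message"
SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<prog>[\w./-]+)(?:\[\d+\])?: (?P<msg>.*)$")

def find_insist_crashes(lines):
    """Return {host: [timestamps]} for named lines carrying the assertion."""
    hits = defaultdict(list)
    for line in lines:
        m = SYSLOG_RE.match(line.rstrip("\n"))
        # Only count lines logged by named itself, not text echoed elsewhere.
        if m and m.group("prog") == "named" and INSIST_RE.search(m.group("msg")):
            hits[m.group("host")].append(m.group("ts"))
    return dict(hits)

def summarize(hits):
    """One line per affected host, most crashes first."""
    ranked = sorted(hits.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [f"{host}: {len(ts)} crash(es), first {ts[0]}, last {ts[-1]}"
            for host, ts in ranked]

# Constructed sample log lines (not real data).
SAMPLE_LOG = [
    "Nov 16 10:02:11 dns1 named[2101]: query.c: INSIST(! dns_rdataset_isassociated(sigrdataset)) failed",
    "Nov 16 10:02:11 dns1 named[2101]: exiting (due to assertion failure)",
    "Nov 16 10:02:14 dns1 monitor[88]: named restarted",
    "Nov 16 10:40:57 dns1 named[2377]: query.c: INSIST(!dns_rdataset_isassociated(sigrdataset)) failed",
    "Nov 16 11:05:03 dns2 named[914]: query.c: INSIST(! dns_rdataset_isassociated(sigrdataset)) failed",
    "Nov 16 11:06:00 dns3 named[402]: zone example.com/IN: loaded serial 2011111601",
    "Nov 16 11:07:00 web1 app[7]: user typed INSIST(!dns_rdataset_isassociated(sigrdataset))",
]

if __name__ == "__main__":
    for row in summarize(find_insist_crashes(SAMPLE_LOG)):
        print(row)
```

A host that appears more than once in the output is being restarted repeatedly and should be prioritised for patching.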
For VitalQIP software and appliance customers, Alcatel-Lucent has released Lucent DNS 5.1 Build 14 to address this issue. Alcatel-Lucent will also be releasing new builds of Lucent DNS 4.2 and 5.0 for customers that are not able to upgrade to the latest version (e.g. due to lack of 64-bit H/W support). Please contact our helpdesk for further advice and download links.
For runIP customers, a new Lucent DNS package is available for download that includes Lucent DNS 5.1 Build 14.
For Infoblox customers, new versions of NIOS have been released to address this issue. The following patches are now available for download from the Infoblox Support website (http://support.infoblox.com): NIOS 6.2.5, NIOS 5.1r5-4, NIOS 5.1r4-9, and NIOS 4.3r8-6.
- If you are running a vNIOS/NIOS 6.x release, we strongly recommend upgrading to NIOS 6.2.5.
- If you are running a vNIOS/NIOS 5.x release, we strongly recommend upgrading to either NIOS 5.1r5-4 or NIOS 5.1r4-9.
- If you are running a vNIOS/NIOS 4.x release, we strongly recommend upgrading to NIOS 4.3r8-6.

