High-severity vulnerabilities patched in popular domain name software BIND


Multiple versions of BIND 9, a popular open-source software programme that offers internet domain name system services, include security flaws that have been patched by the Internet Systems Consortium (ISC). Remote attackers may perform denial-of-service attacks using the recently identified vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned in an alert posted on Friday.

The bugs CVE-2023-2828, CVE-2023-2829, and CVE-2023-2911 are among those that ISC patched. These flaws have a severity rating of 7.5 out of 10 and can be remotely exploited, according to the popular vulnerability ranking system. Berkeley Internet Name Domain is referred to as BIND.

Read More…