BIND DNS Server Updated to Fix Remote Code Execution Vulnerability
Corrective updates have been published for the stable branches of the BIND DNS server 9.11.31 and 9.16.15, as well as the experimental branch 9.17.12, which is in development. The new releases address three vulnerabilities, one of which (CVE-2021-25216) causes a buffer overflow. On 32-bit systems, the vulnerability can be exploited to remotely execute an attacker's code by sending a specially crafted GSS-TSIG request. On 64 systems the problem is limited to a crash […]