Earlier this week, the Internet Systems Consortium (ISC) issued an update for a high-severity security vulnerability that would allow the Berkeley Internet Name Domain (BIND) software to be exploited remotely to launch denial-of-service (DoS) attacks. This vulnerability, uncovered internally by ISC, is significant because BIND is the most widely-used software to implement Domain Name System (DNS) protocols. Affected versions include 9.0.x to 9.8.x, 9.9.0 to 9.9.9-P2, 9.9.3-S1 to 9.9.9-S3, 9.10.0 to 9.10.4-P2, and 9.11.0a1 to 9.11.0rc1.
Due to the severity of this vulnerability, TippingPoint released DVToolkit CSW file CVE-2016-2776.csw to customers. This filter detects an attempt to exploit a denial-of-service vulnerability in ISC BIND. We recommend that this CSW filter be deployed to protect unpatched systems.