Secure64 DNS Cache not vulnerable to recently announced resource exhaustion bugs
Secure64 has confirmed that its DNS Cache product is not vulnerable to the latest BIND Vulnerability bug announced by ISC on December 8, 2014. This BIND bug is categorized as severe and remotely exploitable, and is the 9th such vulnerability in the past 24 months. The announcements describe flaws in the BIND DNS resolver that could cause it to issue large numbers of queries to resolve names in maliciously constructed zones, leading to resource exhaustion and is exploitable to launch denial of service attacks.
The ISC vulnerability announcements can be found here:
ISC CVE-2014-8500 https://kb.isc.org/article/AA-01216
Unlike some previous CVE’s, immediate patching is available for ISC BIND. Users of BIND-based appliances like Efficient IP, Infoblox and Bluecat should check the vendor web sites.
Bluecat: A support note is posted at https://www.bluecatnetworks.com/support/security_updates/2014
Secure64′s DNS Cache product is not susceptible to this vulnerability or any of the previously announced BIND vulnerabilities. DNS Cache limits the amount of resources that are consumed by the resolver under normal and attack conditions to remain available and responsive, even under resolver-targeted attacks.
DNS is arguably the most critical control point for every on-line business and IP based service. Secure64 is a software applications company enabling secure DNS services and is built upon the industry’s only genuinely secure platform. Secure64 DNS technology brings protection to over 180 Million on-line users, supports 85% of all internet reverse DNSSEC and is used by leading service providers, enterprises and government organizations.
For more information on Secure64′s DNS capabilities and the latest wave of potent DNS attacks please request the “Death by One Thousand Paper Cuts” white paper by clicking on the Contact Us button the home page of our website www.secure64.com and filling in the contact form.