Showing 1 - 3 of 3

Files from ISC

First Active	2014-01-16
Last Active	2016-03-14

FreeBSD Security Advisory - FreeBSD-SA-16:13.bind: Posted Mar 14, 2016; Authored by ISC | Site security.freebsd.org; FreeBSD Security Advisory - Testing by ISC has uncovered a defect in control channel input handling which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel (the interface which allows named to be controlled using the "rndc" server control utility). An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. A remote attacker can deliberately trigger the failed assertion if the DNS server accepts remote rndc commands regardless if authentication is configured. Note that this is not enabled by default. A remote attacker who can cause a server to make a query deliberately chosen to generate a response containing a signature record which would trigger a failed assertion and cause named to stop. Disabling DNSsec does not provide protection against this vulnerability.; tags | advisory, remote; systems | freebsd, bsd; advisories | CVE-2016-1285, CVE-2016-1286; SHA-256 | 511b0fffe4ca8e6584c5c8a182c7a5ff4bb7fa1f2086db6fc678849054b18a03; Download | Favorite | View

FreeBSD Security Advisory - FreeBSD-SA-16:08.bind: Posted Jan 27, 2016; Authored by ISC | Site security.freebsd.org; FreeBSD Security Advisory - There is an off-by-one error in a buffer size check when performing certain string formatting operations. Slaves using text-format db files could be vulnerable if receiving a malformed record in a zone transfer from their master. Masters using text-format db files could be vulnerable if they accept a malformed record in a DDNS update message. Recursive resolvers are potentially vulnerable when debug logging is enabled and if they are fed a deliberately malformed record by a malicious server. A server which has cached a specially constructed record could encounter this condition while performing 'rndc dumpdb'.; tags | advisory; systems | freebsd; advisories | CVE-2015-8704; SHA-256 | c803a5067169b0dd06a8b595f07a796ef604d725b2cec7e9041f63d8bdb30a0a; Download | Favorite | View

FreeBSD Security Advisory - BIND Denial Of Service: Posted Jan 16, 2014; Authored by ISC | Site security.freebsd.org; FreeBSD Security Advisory - Because of a defect in handling queries for NSEC3-signed zones, BIND can crash with an "INSIST" failure in name.c when processing queries possessing certain properties. This issue only affects authoritative nameservers with at least one NSEC3-signed zone. Recursive-only servers are not at risk. An attacker who can send a specially crafted query could cause named(8) to crash, resulting in a denial of service.; tags | advisory, denial of service; systems | freebsd; advisories | CVE-2014-0591; SHA-256 | 42bd91e5a207d906b383d2f4b8c14bcb28389b0113837035f0080c510470026d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days