what you don't know can hurt you

Mandriva Linux Security Advisory 2012-089

Mandriva Linux Security Advisory 2012-089
Posted Jun 12, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-089 - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. The updated packages have been upgraded to bind 9.7.6-P1 and 9.8.3-P1 which is not vulnerable to this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-1667
MD5 | cc95489515da0761cb1aa6a1fe4dfea5

Mandriva Linux Security Advisory 2012-089

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:089
http://www.mandriva.com/security/
_______________________________________________________________________

Package : bind
Date : June 10, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in bind:

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before
9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not
properly handle resource records with a zero-length RDATA section,
which allows remote DNS servers to cause a denial of service (daemon
crash or data corruption) or obtain sensitive information from process
memory via a crafted record (CVE-2012-1667).

The updated packages have been upgraded to bind 9.7.6-P1 and 9.8.3-P1
which is not vulnerable to this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
http://www.isc.org/software/bind/advisories/cve-2012-1667
ftp://ftp.isc.org/isc/bind9/9.7.6-P1/RELEASE-NOTES-BIND-9.7.6-P1.txt
ftp://ftp.isc.org/isc/bind9/9.8.3-P1/RELEASE-NOTES-BIND-9.8.3-P1.txt
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
a4136df144ce0ef0781484627484bc3f 2010.1/i586/bind-9.7.6-0.0.P1.0.1mdv2010.2.i586.rpm
830f7b84cf2891303b700f5336ee5e8d 2010.1/i586/bind-devel-9.7.6-0.0.P1.0.1mdv2010.2.i586.rpm
fc21a051f543d69e15bd4fe5e5cb10a0 2010.1/i586/bind-doc-9.7.6-0.0.P1.0.1mdv2010.2.i586.rpm
da27c14c4b98d3866682bc7e5d76ad8d 2010.1/i586/bind-utils-9.7.6-0.0.P1.0.1mdv2010.2.i586.rpm
f00a92647f3f43aa8f9d906dbf11094a 2010.1/SRPMS/bind-9.7.6-0.0.P1.0.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
115a51a772e1ea94bf8af6bb28996bdb 2010.1/x86_64/bind-9.7.6-0.0.P1.0.1mdv2010.2.x86_64.rpm
d79ad8c6cb1a6b784d935b13a7b2fe15 2010.1/x86_64/bind-devel-9.7.6-0.0.P1.0.1mdv2010.2.x86_64.rpm
901e102627a664dad0f464cd385e7fb2 2010.1/x86_64/bind-doc-9.7.6-0.0.P1.0.1mdv2010.2.x86_64.rpm
60b40f20a525dfa67302252caf2bcb33 2010.1/x86_64/bind-utils-9.7.6-0.0.P1.0.1mdv2010.2.x86_64.rpm
f00a92647f3f43aa8f9d906dbf11094a 2010.1/SRPMS/bind-9.7.6-0.0.P1.0.1mdv2010.2.src.rpm

Mandriva Linux 2011:
16926abc70e854a0b58b7469ef1d77c7 2011/i586/bind-9.8.3-0.0.P1.0.1-mdv2011.0.i586.rpm
b265f7b3f622b60848f9659bbe6cd0a8 2011/i586/bind-devel-9.8.3-0.0.P1.0.1-mdv2011.0.i586.rpm
3b4e397326b5196736ce9c2f373c4447 2011/i586/bind-doc-9.8.3-0.0.P1.0.1-mdv2011.0.i586.rpm
e3c925102fee466f43be8a94cf0852da 2011/i586/bind-utils-9.8.3-0.0.P1.0.1-mdv2011.0.i586.rpm
a54ef9cfd588215069052d5ca3df8005 2011/SRPMS/bind-9.8.3-0.0.P1.0.1.src.rpm

Mandriva Linux 2011/X86_64:
f006220d59f7f9e9ff6f24d6dfb2719d 2011/x86_64/bind-9.8.3-0.0.P1.0.1-mdv2011.0.x86_64.rpm
e6d643c23141dd4b3312728001c03df5 2011/x86_64/bind-devel-9.8.3-0.0.P1.0.1-mdv2011.0.x86_64.rpm
ffc9fccb94a33172c5e0ca1984702bbf 2011/x86_64/bind-doc-9.8.3-0.0.P1.0.1-mdv2011.0.x86_64.rpm
a34967d48b339fb807e769b3a20788a9 2011/x86_64/bind-utils-9.8.3-0.0.P1.0.1-mdv2011.0.x86_64.rpm
a54ef9cfd588215069052d5ca3df8005 2011/SRPMS/bind-9.8.3-0.0.P1.0.1.src.rpm

Mandriva Enterprise Server 5:
c3aa5e672f6b03ff34be06ca8720df55 mes5/i586/bind-9.7.6-0.0.P1.0.1mdvmes5.2.i586.rpm
ac267bb10d0403e2eed5982441dc833e mes5/i586/bind-devel-9.7.6-0.0.P1.0.1mdvmes5.2.i586.rpm
cde8a82803d1562b1d63c632db9b15ac mes5/i586/bind-doc-9.7.6-0.0.P1.0.1mdvmes5.2.i586.rpm
a53c6290a90c9fd6b11fd1f68686bcca mes5/i586/bind-utils-9.7.6-0.0.P1.0.1mdvmes5.2.i586.rpm
1c9f0bbac5e8683cf36c119fce7fb1f5 mes5/SRPMS/bind-9.7.6-0.0.P1.0.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
552f5c44303d73c8701e174fd6555e68 mes5/x86_64/bind-9.7.6-0.0.P1.0.1mdvmes5.2.x86_64.rpm
9ace83917f5db66354b58dd085488f2e mes5/x86_64/bind-devel-9.7.6-0.0.P1.0.1mdvmes5.2.x86_64.rpm
3cf233df1f5e677b120ec3c26333b9ff mes5/x86_64/bind-doc-9.7.6-0.0.P1.0.1mdvmes5.2.x86_64.rpm
69a3801fcecbd480f97aa7825714f8fd mes5/x86_64/bind-utils-9.7.6-0.0.P1.0.1mdvmes5.2.x86_64.rpm
1c9f0bbac5e8683cf36c119fce7fb1f5 mes5/SRPMS/bind-9.7.6-0.0.P1.0.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFP1FjRmqjQ0CJFipgRAjWhAKDCW3YpIL8J6xcMyNU9ipEJXLa+qACgqkEc
wr9IaDsAueQ2fsX+Lg0P+Bg=
=y/KY
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    19 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close