exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2011-1910

Status Candidate

Overview

Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.

Related Files

HP Security Bulletin HPSBUX03235 SSRT101750 3
Posted Mar 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03235 SSRT101750 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-1910, CVE-2014-8500
SHA-256 | 48ab3ea388c95dfd47a9112080b4f0070bbdd1ea48a4360f9fec2342840fcc7a
HP Security Bulletin HPSBUX03235 SSRT101750 2
Posted Feb 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03235 SSRT101750 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-1910, CVE-2014-8500
SHA-256 | 924d7f74cde87a934f3d4a52b5cd0d4c0a57304074cefdab1b18c7c7536e9634
HP Security Bulletin HPSBUX03235 SSRT101750 1
Posted Jan 21, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03235 SSRT101750 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-1910, CVE-2014-8500
SHA-256 | 4c2686d9217959c611f3652b5055b42e3e093e294f4e49a09149130e42581ce7
Gentoo Linux Security Advisory 201206-01
Posted Jun 3, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-1 - Multiple vulnerabilities have been found in BIND, the worst of which allowing to cause remote Denial of Service. Versions less than 9.7.4_p1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-3613, CVE-2010-3614, CVE-2010-3615, CVE-2010-3762, CVE-2011-0414, CVE-2011-1910, CVE-2011-2464, CVE-2011-2465, CVE-2011-4313
SHA-256 | cb5c547e8c208931dc81261447f257bec2b215414a6d99687b7c8512bca1a997
Slackware Security Advisory - BIND Updates
Posted Aug 14, 2011
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-1910, CVE-2011-2464
SHA-256 | e42977144da26838096ac549327a052eaea9d4a6a2464aced3281a4b60e71a08
Mandriva Linux Security Advisory 2011-104
Posted Jun 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-104 - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large RRSIG RRsets.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1910
SHA-256 | 508ee1aa8ffd4f27a9758171dac332d4d481de68724feca7f6f389471dc75d4c
Red Hat Security Advisory 2011-0845-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0845-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. An off-by-one flaw was found in the way BIND processed negative responses with large resource record sets . An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. Various other issues were also addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2011-1910
SHA-256 | fdd26d6be250c5e59d407805f2b6df7ae8325c4a142b01bfff30b9ddbfe7da6f
FreeBSD Security Advisory - BIND Remote Denial Of Service
Posted May 30, 2011
Site security.freebsd.org

FreeBSD Security Advisory - Very large RRSIG RRsets included in a negative response can trigger an assertion failure that will crash named(8) due to an off-by-one error in a buffer size check.

tags | advisory
systems | freebsd
advisories | CVE-2011-1910
SHA-256 | 830b4abf997e208ee19a29014f1bce9fcf3eacab0dd0921152c8321eb8c768ce
Ubuntu Security Notice USN-1139-1
Posted May 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1139-1 - It was discovered that Bind incorrectly handled certain bad signatures if multiple trust anchors existed for a single zone. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS. Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled certain very large RRSIG RRsets included in negative responses. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-3762, CVE-2011-1910
SHA-256 | 82a2c36b85a888540cafda385a6411a7d5d9aa9aa7f327427e24d3e0ecb19e3a
Debian Security Advisory 2244-1
Posted May 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2011-1910
SHA-256 | 1d5d9062a169179cd4ddf94fe0a3ecabc58a694c5253fb7da52827e2d41efd17
BIND 9 Denial Of Service
Posted May 27, 2011
Site isc.org

DNS BIND Security Advisory - A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash. Versions affected include 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later.

tags | advisory, denial of service
advisories | CVE-2011-1910
SHA-256 | fa50a97638e2f7e6a97d4f93201d255bcf855b0b42fd27b17eea562af70dec7f
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close