exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

CVE-2011-1910

Status Candidate

Overview

Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.

Related Files

HP Security Bulletin HPSBUX03235 SSRT101750 3
Posted Mar 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03235 SSRT101750 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-1910, CVE-2014-8500
MD5 | 703febf71aa71dd5696c81603c15a90a
HP Security Bulletin HPSBUX03235 SSRT101750 2
Posted Feb 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03235 SSRT101750 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-1910, CVE-2014-8500
MD5 | 032523413e9b44fdc3628bab55e686e9
HP Security Bulletin HPSBUX03235 SSRT101750 1
Posted Jan 21, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03235 SSRT101750 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-1910, CVE-2014-8500
MD5 | 93570893c0524a7bc365d374cd7160e9
Gentoo Linux Security Advisory 201206-01
Posted Jun 3, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-1 - Multiple vulnerabilities have been found in BIND, the worst of which allowing to cause remote Denial of Service. Versions less than 9.7.4_p1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-3613, CVE-2010-3614, CVE-2010-3615, CVE-2010-3762, CVE-2011-0414, CVE-2011-1910, CVE-2011-2464, CVE-2011-2465, CVE-2011-4313
MD5 | dbc62ea070deb408f2796038b8aadc14
Slackware Security Advisory - BIND Updates
Posted Aug 14, 2011
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-1910, CVE-2011-2464
MD5 | 54712e3e88d0cf42426f23b40a76ee26
Mandriva Linux Security Advisory 2011-104
Posted Jun 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-104 - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large RRSIG RRsets.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1910
MD5 | ead04afbf2cf0461d1e99d4a0500357d
Red Hat Security Advisory 2011-0845-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0845-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. An off-by-one flaw was found in the way BIND processed negative responses with large resource record sets . An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. Various other issues were also addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2011-1910
MD5 | 793c790013e32ca47a29fa0705a796c5
FreeBSD Security Advisory - BIND Remote Denial Of Service
Posted May 30, 2011
Site security.freebsd.org

FreeBSD Security Advisory - Very large RRSIG RRsets included in a negative response can trigger an assertion failure that will crash named(8) due to an off-by-one error in a buffer size check.

tags | advisory
systems | freebsd
advisories | CVE-2011-1910
MD5 | f15c72585a8637121b4c9ef5b92e766e
Ubuntu Security Notice USN-1139-1
Posted May 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1139-1 - It was discovered that Bind incorrectly handled certain bad signatures if multiple trust anchors existed for a single zone. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS. Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled certain very large RRSIG RRsets included in negative responses. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-3762, CVE-2011-1910
MD5 | c23b70e91271bcfd86ad725a00c7a970
Debian Security Advisory 2244-1
Posted May 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2011-1910
MD5 | c2f2e05efa951880461f8b7008c7696b
BIND 9 Denial Of Service
Posted May 27, 2011
Site isc.org

DNS BIND Security Advisory - A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash. Versions affected include 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later.

tags | advisory, denial of service
advisories | CVE-2011-1910
MD5 | a49f52ed490ab7ae0865ffc9ca4af703
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close