HP Security Bulletin HPSBUX03235 SSRT101750 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.
48ab3ea388c95dfd47a9112080b4f0070bbdd1ea48a4360f9fec2342840fcc7aHP Security Bulletin HPSBUX03235 SSRT101750 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
924d7f74cde87a934f3d4a52b5cd0d4c0a57304074cefdab1b18c7c7536e9634HP Security Bulletin HPSBUX03235 SSRT101750 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
4c2686d9217959c611f3652b5055b42e3e093e294f4e49a09149130e42581ce7Gentoo Linux Security Advisory 201206-1 - Multiple vulnerabilities have been found in BIND, the worst of which allowing to cause remote Denial of Service. Versions less than 9.7.4_p1 are affected.
cb5c547e8c208931dc81261447f257bec2b215414a6d99687b7c8512bca1a997Slackware Security Advisory - New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
e42977144da26838096ac549327a052eaea9d4a6a2464aced3281a4b60e71a08Mandriva Linux Security Advisory 2011-104 - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large RRSIG RRsets.
508ee1aa8ffd4f27a9758171dac332d4d481de68724feca7f6f389471dc75d4cRed Hat Security Advisory 2011-0845-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. An off-by-one flaw was found in the way BIND processed negative responses with large resource record sets . An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. Various other issues were also addressed.
fdd26d6be250c5e59d407805f2b6df7ae8325c4a142b01bfff30b9ddbfe7da6fFreeBSD Security Advisory - Very large RRSIG RRsets included in a negative response can trigger an assertion failure that will crash named(8) due to an off-by-one error in a buffer size check.
830b4abf997e208ee19a29014f1bce9fcf3eacab0dd0921152c8321eb8c768ceUbuntu Security Notice 1139-1 - It was discovered that Bind incorrectly handled certain bad signatures if multiple trust anchors existed for a single zone. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS. Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled certain very large RRSIG RRsets included in negative responses. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.
82a2c36b85a888540cafda385a6411a7d5d9aa9aa7f327427e24d3e0ecb19e3aDebian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.
1d5d9062a169179cd4ddf94fe0a3ecabc58a694c5253fb7da52827e2d41efd17DNS BIND Security Advisory - A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash. Versions affected include 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later.
fa50a97638e2f7e6a97d4f93201d255bcf855b0b42fd27b17eea562af70dec7f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed