Gentoo Linux Security Advisory 201401-34 - Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service. Versions less than 9.9.4_p2 are affected.
08788290f886b257bb5cf19d5da72a1cebe9c1902c834380c2cebb552a875e12Apple Security Advisory 2013-09-12-1 - OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses Apache issues, BIND issues, ClamAV issues, and more.
6ba59298aa5785b3b0ac181767509f821759a4fbc0ab6e1b3056eb65c22a59a5FreeBSD Security Advisory - BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server. DNS64 is an IPv6 transition mechanism that will return a synthesized AAAA response even if there is only an A record available. Due to a software defect a crafted query can cause named(8) to crash with an assertion failure.
7a8b0adfcf6016b307c0e17b5c45fdec29ac76e9591aba0e5450056bd38ad916Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.
cd4c4e819b4c3c239ee06046bee62e04089f000fc2faea5c9f5936326037c9c2Red Hat Security Advisory 2012-1549-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server, a resolver library, and tools for verifying that the DNS server is operating correctly. DNS64 is used to automatically generate DNS records so IPv6 based clients can access IPv4 systems through a NAT64 server. A flaw was found in the DNS64 implementation in BIND. If a remote attacker sent a specially-crafted query to a named server, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default.
c93a5ce866293dbb2ff2ab0a0bf4133d25da8724b9adee6bbc7fb91d0b2176a9Ubuntu Security Notice 1657-1 - It was discovered that Bind incorrectly handled certain crafted queries when DNS64 was enabled. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
d7b1d56b33444eb2d6b3f83abac941b3752d58b25e5d677ab4cdf4451fb05d6bMandriva Linux Security Advisory 2012-177 - BIND 9 nameservers using the DNS64 IPv6 transition mechanism are vulnerable to a software defect that allows a crafted query to crash the server with a REQUIRE assertion failure. Remote exploitation of this defect can be achieved without extensive effort, resulting in a denial-of-service vector against affected servers. The updated packages have been upgraded to bind 9.8.4-P1 which is not vulnerable to this issue.
0c694d6b5b9f7cced15468a4804662a86ad30d24bf918c55b7a160b710fe65fc
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed