Red Hat Security Advisory 2016-0078-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.
0ed3af1b476de859391daa5f87e999a2851fe7c925578620450a6d7ababb9e84Apple Security Advisory 2015-09-16-4 - OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.
8254c8d55f2667e65687c75dc0e4ebbbd127b907729adba11b4a141d12fc30b2HPE Security Bulletin HPSBUX03400 SSRT102211 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
928c02d212c071234ac998c1ccd542c75746befe86272f5fc87537250be7fe15Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
6226887b79182f2879fc61785788eeaa7e5a8629c7a587dcfebb9b97fe79d104Mandriva Linux Security Advisory 2015-165 - By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service.
1b590fc51333510284a3f960ee5db24e4033e0c82e4a366baec311dff230159aHP Security Bulletin HPSBUX03235 SSRT101750 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.
48ab3ea388c95dfd47a9112080b4f0070bbdd1ea48a4360f9fec2342840fcc7aHP Security Bulletin HPSBUX03235 SSRT101750 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
924d7f74cde87a934f3d4a52b5cd0d4c0a57304074cefdab1b18c7c7536e9634Gentoo Linux Security Advisory 201502-3 - Multiple vulnerabilities have been found in BIND, allowing remote attackers to cause a denial of service condition. Versions less than 9.10.1_p1 are affected.
29996efc17656791f375ebed3e7ae8acf9c6003f05f2581f63f8031372d6ef5aHP Security Bulletin HPSBUX03235 SSRT101750 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
4c2686d9217959c611f3652b5055b42e3e093e294f4e49a09149130e42581ce7Mandriva Linux Security Advisory 2014-238 - By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service.
364612ecdde69424cfdbb1508aea34aebe69c539fdb8ce4505af27a85795d201Red Hat Security Advisory 2014-1985-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.
80b5d38f57260b3a962b8a2b0f4fd7064ffb4a33fe8c3de927322f243c9d200aRed Hat Security Advisory 2014-1984-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.
87b5b982594ba2b6e1106bf92f7524c83e64a6f93b0b3a96deb18212d2feb05dSlackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
b5cc39b89f4c29e479b74af161347cfae3e627e2878e0e185eb14f815b48b2a9FreeBSD Security Advisory - By causing queries to be made against a maliciously-constructed zone or against a malicious DNS server, an attacker who is able to cause specific queries to be sent to a nameserver can cause named(8) to crash, leading to a denial of service. All recursive BIND DNS servers are vulnerable to this. Authoritative servers are only vulnerable if the attacker is able to control a delegation traversed by the authoritative server in order to serve the zone.
2e31c97b539fc4e82125d344b6a294a5f148924e94a9c92ba2717d666271304cDebian Linux Security Advisory 3094-1 - It was discovered that BIND, a DNS server, is prone to a denial of service vulnerability. By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service (up to and including termination of the named server process).
1d2684cbff318116da931be8775f83a064a4521f81b9e896735e6547897432ecUbuntu Security Notice 2437-1 - Florian Maury discovered that Bind incorrectly handled delegation. A remote attacker could possibly use this issue to cause Bind to consume resources and crash, resulting in a denial of service.
3d1d036b529b6873104212a11d009791b5b4b740cb524238ad8f2bfb5b4b7a8a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed