Gentoo Linux Security Advisory 201510-1 - A vulnerability in BIND could lead to a Denial of Service condition. Versions less than 9.10.2_p4 are affected.
3e69b06ce087bc759fa9828ea0b0cf459d7968e9aa04df031352b20c2a562035Apple Security Advisory 2015-09-16-4 - OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.
8254c8d55f2667e65687c75dc0e4ebbbd127b907729adba11b4a141d12fc30b2HP Security Bulletin HPSBUX03379 SSRT101976 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
b21fc27083754ab1ae7b8c59ee2c783014b0ec6f8ca5590eded500f0f1ff2e29Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
6226887b79182f2879fc61785788eeaa7e5a8629c7a587dcfebb9b97fe79d104Mandriva Linux Security Advisory 2015-165 - By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service.
1b590fc51333510284a3f960ee5db24e4033e0c82e4a366baec311dff230159aRed Hat Security Advisory 2015-0672-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon to crash under certain conditions.
54ce3fff2cfdb06fe60b9b071696bd0b93e9175b023fa5c0d8d260d7f5a96ed7Mandriva Linux Security Advisory 2015-054 - Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker.
a34207981a886a158577856e030851948b7a3f3e331735b3a69d0f3f55895e6fFreeBSD Security Advisory - BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable. A remote attacker can trigger a crash of a name server that is configured to use managed keys under specific and limited circumstances. However, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted.
0e416654c22a1367cdad06ceb1a67ec74bb5ad43931cfbbd4d5e066547480619Debian Linux Security Advisory 3162-1 - Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-validation auto;" (as enabled in the Debian default configuration) or "dnssec-lookaside auto;".
712f536a8bf23bc5f8d33db7a0de53d43e7ac7b83f25eb9aa8ff4b95164b1dd5Ubuntu Security Notice 2503-1 - Jan-Piet Mens discovered that Bind incorrectly handled Trust Anchor Management. A remote attacker could use this issue to cause bind to crash, resulting in a denial of service.
896f3f1ebb14472afcabb7f719bd450e53bbba558630a1cb3030afc8ce469de1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed