what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2015-4620

Status Candidate

Overview

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.

Related Files

Gentoo Linux Security Advisory 201510-01
Posted Oct 18, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-1 - A vulnerability in BIND could lead to a Denial of Service condition. Versions less than 9.10.2_p4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2015-1349, CVE-2015-4620, CVE-2015-5477, CVE-2015-5722, CVE-2015-5986
SHA-256 | 3e69b06ce087bc759fa9828ea0b0cf459d7968e9aa04df031352b20c2a562035
Red Hat Security Advisory 2015-1471-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1471-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-4620
SHA-256 | 2debc590947a9e9122956a6dc9e4c78dece4a4fc8c76d4716510b0804d68f369
Red Hat Security Advisory 2015-1443-01
Posted Jul 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1443-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-4620
SHA-256 | 1dbbc85e48aca9ac27e379fe7a39f4db7e8eaec82b3a1090f9a8b0c6a929064e
HP Security Bulletin HPSBUX03379 SSRT101976 1
Posted Jul 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03379 SSRT101976 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-1349, CVE-2015-4620
SHA-256 | b21fc27083754ab1ae7b8c59ee2c783014b0ec6f8ca5590eded500f0f1ff2e29
FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 8, 2015
Site security.freebsd.org

FreeBSD Security Advisory - BIND 9 is an implementation of the Domain Name System (DNS) protocol. The named daemon is an Internet Domain Name Server. The libdns library is a library of DNS protocol support functions. Due to a software defect, specially constructed zone data could cause named to crash with an assertion failure and rejecting the malformed query when DNSSEC validation is enabled. An attacker who can cause specific queries to be sent to a nameserver could cause named to crash, resulting in a denial of service.

tags | advisory, denial of service, protocol
systems | freebsd
advisories | CVE-2015-4620
SHA-256 | 08e7620d8f3528815ea6adf5b08b755493b804636e13bbbcda7678f4beace8a4
Slackware Security Advisory - bind Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-4620
SHA-256 | 373653c23b56b8f35ca33a553f1f82a4369df198a6d32f733510f02e0fe94d83
Ubuntu Security Notice USN-2669-1
Posted Jul 8, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2669-1 - Breno Silveira Soares discovered that Bind incorrectly handled certain zone data when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-4620
SHA-256 | 6accc1bd522b0556fd46b05f41d272a2952268c1c6bcfae78b28a72de1138ce0
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close