what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

CVE-2015-5722

Status Candidate

Overview

buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.

Related Files

HP Security Bulletin HPSBHF03539 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5477, CVE-2015-5600, CVE-2015-5722
MD5 | 6b1d5c4e2723750b4c85c318fa20f427
Red Hat Security Advisory 2016-0079-01
Posted Jan 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0079-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477, CVE-2015-5722, CVE-2015-8000
MD5 | ef0d7901d4c66b8d3cb693c33916cb38
Red Hat Security Advisory 2016-0078-01
Posted Jan 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0078-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2014-8500, CVE-2015-5477, CVE-2015-5722, CVE-2015-8000
MD5 | 65c451c3ffec74d06e5c4578d05d3522
HPE Security Bulletin HPSBUX03529 SSRT102967 1
Posted Dec 16, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03529 SSRT102967 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2015-5722, CVE-2015-8000
MD5 | 0d256bfec881741165839a79ad4190d0
HPE Security Bulletin HPSBUX03522 SSRT102942 1
Posted Nov 20, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03522 SSRT102942 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5722
MD5 | 0a201f7c5b685156b0193e69153cbc7f
Apple Security Advisory 2015-10-21-8
Posted Oct 21, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-10-21-8 - OS X Server 5.0.15 is now available and addresses BIND and bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2015-5722, CVE-2015-5986, CVE-2015-7031
MD5 | 89d74c687550d2db47b44e8180b3b8a4
Gentoo Linux Security Advisory 201510-01
Posted Oct 18, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-1 - A vulnerability in BIND could lead to a Denial of Service condition. Versions less than 9.10.2_p4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2015-1349, CVE-2015-4620, CVE-2015-5477, CVE-2015-5722, CVE-2015-5986
MD5 | 8db86de9b767ea2ecb35b07407ca5440
HPE Security Bulletin HPSBUX03511 SSRT102248 1
Posted Sep 23, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03511 SSRT102248 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5477, CVE-2015-5722
MD5 | a914255097782bd38670d4a4c6731949
Ubuntu Security Notice USN-2728-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2728-1 - Hanno Boeck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5722
MD5 | da4c833a2081989341c60865a2a6423f
Slackware Security Advisory - bind Updates
Posted Sep 3, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5722, CVE-2015-5986
MD5 | 9de9b0a397dd7d29100cde91334cb5c5
Debian Security Advisory 3350-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3350-1 - Hanno Boeck discovered that incorrect validation of DNSSEC-signed records in the Bind DNS server could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2015-5722
MD5 | 17ca3fe9b87bd1e131d6dc586ad2fd67
Red Hat Security Advisory 2015-1706-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1706-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
MD5 | 7df8d79363946afd222469de855f014b
Red Hat Security Advisory 2015-1705-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1705-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
MD5 | 9e67b9213a176e67002ec612158c35b9
Red Hat Security Advisory 2015-1707-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1707-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
MD5 | bc0de5e1b241afd08477f41581dbaebd
FreeBSD Security Advisory - BIND Denial Of Service
Posted Sep 2, 2015
Site security.freebsd.org

FreeBSD Security Advisory - Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. A remote attacker can deliberately trigger the failed assertion which will cause an affected server to terminate, by using a query that requires a response from a zone containing a malformed key, resulting in a denial of service condition. Recursive servers are at greatest risk, however, an authoritative server could also be affected, if an attacker controls a zone that the server must query against to perform its zone service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2015-5722
MD5 | 2223cf4358d2bd313c49a41886d70f86
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close