exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2017-3137

Status Candidate

Overview

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.

Related Files

Gentoo Linux Security Advisory 201708-01
Posted Aug 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201708-1 - Multiple vulnerabilities have been found in BIND, the worst of which allows remote attackers to cause a Denial of Service condition. Versions less than 9.11.1_p1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2016-9778, CVE-2017-3135, CVE-2017-3136, CVE-2017-3137, CVE-2017-3138, CVE-2017-3140, CVE-2017-3141
SHA-256 | 26ecec5b9c39723c91713f534c2bfcfc46f59790162df2b1e8c128e88b83f604
Red Hat Security Advisory 2017-1583-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1583-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2016-8864, CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2017-3137
SHA-256 | e9b9a042180a214847e5dfb74e6d32ab0f667bf43a23874c8dba389ebd9a427a
Red Hat Security Advisory 2017-1582-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1582-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3137, CVE-2017-3139
SHA-256 | 84b22a5a96a36143771a9bef7a93bdc0456d8db21ec2a432908506f424ef8eae
Ubuntu Security Notice USN-3259-1
Posted Apr 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3259-1 - It was discovered that the resolver in Bind made incorrect assumptions about ordering when processing responses containing a CNAME or DNAME. An attacker could use this cause a denial of service. Oleg Gorokhov discovered that in some situations, Bind did not properly handle DNS64 queries. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-3136, CVE-2017-3137, CVE-2017-3138
SHA-256 | e0a0e188df74112ab2a5202c03048a265df98295b15a73fdf2ea5b6597bc2f95
Red Hat Security Advisory 2017-1105-01
Posted Apr 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1105-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3136, CVE-2017-3137
SHA-256 | 750af2cfd7077f5aa560bd12ea85be9ce9139025ffa43ec631dfd047484d2561
Red Hat Security Advisory 2017-1095-01
Posted Apr 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1095-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3136, CVE-2017-3137
SHA-256 | c4571355414950b77877a51816a24f66565ec135fb82f79a4c69cf27e893d96d
Slackware Security Advisory - bind Updates
Posted Apr 14, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-3136, CVE-2017-3137, CVE-2017-3138
SHA-256 | 8f66b44ecd8a0a2c159d1c178faec63e9c0d53fff93187999610850c6570b1f1
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close