CVE-2016-8864

Published: 02/11/2016 Updated: 17/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 450
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

named in ISC BIND 9.x prior to 9.9.9-P4, 9.10.x prior to 9.10.4-P4, and 9.11.x prior to 9.11.0-P1 allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.

Vulnerable Product

isc bind

isc bind 9.9.9

isc bind 9.10.4

isc bind 9.11.0

netapp data ontap edge -

netapp solidfire -

netapp steelstore cloud integrated storage -

redhat enterprise linux desktop 5.0

redhat enterprise linux desktop 6.0

redhat enterprise linux desktop 7.0

redhat enterprise linux eus 6.7

redhat enterprise linux eus 7.2

redhat enterprise linux eus 7.3

redhat enterprise linux eus 7.4

redhat enterprise linux eus 7.5

redhat enterprise linux eus 7.6

redhat enterprise linux eus 7.7

redhat enterprise linux server 5.0

redhat enterprise linux server 6.0

redhat enterprise linux server 7.0

redhat enterprise linux server aus 6.2

redhat enterprise linux server aus 6.4

redhat enterprise linux server aus 6.5

redhat enterprise linux server aus 6.6

redhat enterprise linux server aus 7.2

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server aus 7.6

redhat enterprise linux server aus 7.7

redhat enterprise linux server tus 6.5

redhat enterprise linux server tus 6.6

redhat enterprise linux server tus 7.2

redhat enterprise linux server tus 7.3

redhat enterprise linux server tus 7.6

redhat enterprise linux server tus 7.7

redhat enterprise linux workstation 5.0

redhat enterprise linux workstation 6.0

redhat enterprise linux workstation 7.0

debian debian linux 8.0

Vendor Advisories

Bind could be made to crash if it received specially crafted network traffic ...
Synopsis: Important: bind security update. Type/Severity: Security Advisory: Important. Topic: An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis: Important: bind security update. Type/Severity: Security Advisory: Important. Topic: An update for bind is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Sy ...
Synopsis: Important: bind97 security update. Type/Severity: Security Advisory: Important. Topic: An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, wh ...
Synopsis: Important: bind security update. Type/Severity: Security Advisory: Important. Topic: An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterpri ...
Synopsis: Important: bind security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for bind is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability S ...
Tony Finch and Marco Davids reported an assertion failure in BIND, a DNS server implementation, which causes the server process to terminate. This denial-of-service vulnerability is related to a defect in the processing of responses with DNAME records from authoritative servers and primarily affects recursive resolvers. For the stable distribution ...
It was discovered that a maliciously crafted query can cause ISC's BIND DNS server (named) to crash if both Response Policy Zones (RPZ) and DNS64 (a bridge between IPv4 and IPv6 networks) are enabled. It is uncommon for both of these options to be used in combination, so very few systems will be affected by this problem in practice. This update als ...
A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response ...
Debian Bug report logs - #855520 bind9: CVE-2017-3135: Assertion failure when using DNS64 and RPZ can lead to crash. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 19 Feb 2017 17:15:02 UTC Severity: grave T ...
Debian Bug report logs - #830810 bind9: CVE-2016-6170: Improper restriction of zone size limit. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 11 Jul 2016 19:03:01 UTC Severity: important Tags: fixed-upstre ...
Debian Bug report logs - #851062 bind9: CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 11 Jan 2017 21:27:01 UTC Severi ...
Debian Bug report logs - #831796 bind9: CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 19 Jul 2016 14:00:06 UTC Severi ...
Debian Bug report logs - #851065 bind9: CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 11 Jan 2017 21:30:0 ...
Debian Bug report logs - #839010 bind9: CVE-2016-2776: Assertion failure in query processing. Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Source for bind9 is src:bind9 (PTS, buildd, popcon) Reported by: Florian Weimer <fw@deneb.enyo.de> Date: Tue, 27 Sep 2016 17:21:02 UTC Se ...
Debian Bug report logs - #842858 bind9: CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 1 Nov 2016 20:0 ...
Debian Bug report logs - #851063 bind9: CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date ...
A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c. During processing of a recursive response that contains a DNAME record in the answer section, BIND can stop execution after encountering an assertion error in resolver.c (error message: "INSI ...

Recent Articles

Monster patch day for Juniper customers
The Register • Richard Chirgwin • 13 Apr 2017

Nine advisories landed today

Clear the diaries, Juniper sysadmins, a van-load of patches landed today. I suggest you join me in getting a coffee and settling in while we go through the list. The security fixes cover six fixes to Junos, one for the company’s EX Series switches, BIND fixes for SRX, vSRX and J-Series units, and multiple fixes for the NorthStar controller. Ready? Let’s go. BIND: Junos OS on SRX, vSRX and J-Series has been upgraded to tick the boxes on five vulnerabilities. All four CVEs (CVE-2016-2776, CVE-...