Lucene search
AmazonALAS-2011-024HistoryNov 30, 2011 - 9:59 p.m.
Important: bind
2011-11-3021:59:00
alas.aws.amazon.com
22
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.104 Low
EPSS
Percentile
94.9%
Issue Overview:
A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion.
Affected Packages:
bind
Issue Correction:
Run yum update bind to update your system.
New Packages:
i686:
bind-9.7.3-2.11.amzn1.i686
bind-debuginfo-9.7.3-2.11.amzn1.i686
bind-utils-9.7.3-2.11.amzn1.i686
bind-sdb-9.7.3-2.11.amzn1.i686
bind-chroot-9.7.3-2.11.amzn1.i686
bind-libs-9.7.3-2.11.amzn1.i686
bind-devel-9.7.3-2.11.amzn1.i686
src:
bind-9.7.3-2.11.amzn1.src
x86_64:
bind-libs-9.7.3-2.11.amzn1.x86_64
bind-devel-9.7.3-2.11.amzn1.x86_64
bind-9.7.3-2.11.amzn1.x86_64
bind-debuginfo-9.7.3-2.11.amzn1.x86_64
bind-chroot-9.7.3-2.11.amzn1.x86_64
bind-sdb-9.7.3-2.11.amzn1.x86_64
bind-utils-9.7.3-2.11.amzn1.x86_64
Additional References
Red Hat: CVE-2011-4313
Mitre: CVE-2011-4313
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | bind | < 9.7.3-2.11.amzn1 | bind-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-debuginfo | < 9.7.3-2.11.amzn1 | bind-debuginfo-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-utils | < 9.7.3-2.11.amzn1 | bind-utils-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-sdb | < 9.7.3-2.11.amzn1 | bind-sdb-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-chroot | < 9.7.3-2.11.amzn1 | bind-chroot-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-libs | < 9.7.3-2.11.amzn1 | bind-libs-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-devel | < 9.7.3-2.11.amzn1 | bind-devel-9.7.3-2.11.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | bind-libs | < 9.7.3-2.11.amzn1 | bind-libs-9.7.3-2.11.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind-devel | < 9.7.3-2.11.amzn1 | bind-devel-9.7.3-2.11.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind | < 9.7.3-2.11.amzn1 | bind-9.7.3-2.11.amzn1.x86_64.rpm |
Related
fedora
fedora
[SECURITY] Fedora 16 Update: bind-9.8.1-4.P1.fc16
2011-11-19 06:03:27
[SECURITY] Fedora 15 Update: bind-9.8.1-3.P1.fc15
2011-11-25 23:25:02
[SECURITY] Fedora 16 Update: bind-9.8.3-2.P1.fc16
2012-06-15 12:24:27
nessus
nessus
ISC BIND 9 Query.c Logging Resolver Denial of Service
2011-11-17 00:00:00
F5 Networks BIG-IP : BIND vulnerability (SOL14204)
2014-10-10 00:00:00
Oracle Linux 5 : bind97 (ELSA-2011-1459)
2013-07-12 00:00:00
openvas
openvas
CentOS Update for bind97 CESA-2011:1459 centos5 x86_64
2012-07-30 00:00:00
Mandriva Update for bind MDVSA-2011:176 (bind)
2011-11-18 00:00:00
FreeBSD Ports: bind96
2012-02-13 00:00:00
f5
f5
K14204 : BIND vulnerability CVE-2011-4313
2013-09-10 00:00:00
SOL14204 - BIND vulnerability CVE-2011-4313
2013-02-12 00:00:00
oraclelinux
oraclelinux
bind97 security update
2011-11-17 00:00:00
bind security update
2011-11-29 00:00:00
bind security update
2011-11-17 00:00:00
cisa
cisa
Internet Systems Consortium Releases BIND-P1 Patches
2011-11-17 00:00:00
cve
cve
CVE-2011-4313
2011-11-29 17:55:00
CVE-2011-4456
2011-11-16 19:55:00
debian
debian
[SECURITY] [DSA 2347-1] bind9 security update
2011-11-16 20:44:22
suse
suse
Security update for bind (important)
2011-11-23 05:08:36
bind (important)
2011-11-22 13:08:45
Security update for bind (important)
2011-11-22 01:08:39
cert
cert
ISC BIND 9 resolver denial of service vulnerability
2011-11-22 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:06.bind
2011-12-23 00:00:00
thn
thn
Patches Released for BIND Denial-of-service Vulnerability
2011-11-17 21:43:00
redhat
redhat
(RHSA-2011:1459) Important: bind97 security update
2011-11-17 00:00:00
(RHSA-2011:1458) Important: bind security update
2011-11-17 00:00:00
(RHSA-2011:1496) Important: bind security update
2011-11-29 00:00:00
veracode
veracode
Denial Of Service(DoS)
2020-04-10 01:04:31
prion
prion
Design/Logic Flaw
2011-11-29 17:55:00
securityvulns
securityvulns
[USN-1264-1] Bind vulnerability
2011-11-20 00:00:00
bind DNS server DoS
2011-11-20 00:00:00
centos
centos
bind97 security update
2011-11-18 13:25:41
bind, caching security update
2011-11-18 13:24:22
bind security update
2011-11-29 18:31:45
debiancve
debiancve
CVE-2011-4313
2011-11-29 17:55:00
threatpost
threatpost
New Flaw in BIND Causing Server Crashes
2011-11-16 19:29:10
ubuntu
ubuntu
Bind vulnerability
2011-11-16 00:00:00
freebsd
freebsd
BIND -- Remote DOS
2011-11-16 00:00:00
ubuntucve
ubuntucve
CVE-2011-4313
2011-11-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package bind version 9.3.6-alt7
2011-12-16 00:00:00
Security fix for the ALT Linux 6 package bind version 9.3.6-alt7
2011-12-16 00:00:00
Security fix for the ALT Linux 7 package bind version 9.3.6-alt7
2011-12-16 00:00:00
gentoo
gentoo
BIND: Multiple vulnerabilities
2012-06-02 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.104 Low
EPSS
Percentile
94.9%
Related for ALAS-2011-024