Lucene search
AmazonALAS-2012-146HistoryDec 07, 2012 - 9:28 a.m.
Important: bind
2012-12-0709:28:00
alas.aws.amazon.com
22
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.035 Low
EPSS
Percentile
91.4%
Issue Overview:
A flaw was found in the DNS64 implementation in BIND. If a remote attacker sent a specially-crafted query to a named server, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. (CVE-2012-5688)
Affected Packages:
bind
Issue Correction:
Run yum update bind to update your system.
New Packages:
i686:
bind-chroot-9.8.2-0.10.rc1.26.amzn1.i686
bind-devel-9.8.2-0.10.rc1.26.amzn1.i686
bind-sdb-9.8.2-0.10.rc1.26.amzn1.i686
bind-utils-9.8.2-0.10.rc1.26.amzn1.i686
bind-9.8.2-0.10.rc1.26.amzn1.i686
bind-libs-9.8.2-0.10.rc1.26.amzn1.i686
bind-debuginfo-9.8.2-0.10.rc1.26.amzn1.i686
src:
bind-9.8.2-0.10.rc1.26.amzn1.src
x86_64:
bind-debuginfo-9.8.2-0.10.rc1.26.amzn1.x86_64
bind-sdb-9.8.2-0.10.rc1.26.amzn1.x86_64
bind-libs-9.8.2-0.10.rc1.26.amzn1.x86_64
bind-chroot-9.8.2-0.10.rc1.26.amzn1.x86_64
bind-utils-9.8.2-0.10.rc1.26.amzn1.x86_64
bind-devel-9.8.2-0.10.rc1.26.amzn1.x86_64
bind-9.8.2-0.10.rc1.26.amzn1.x86_64
Additional References
Red Hat: CVE-2012-5688
Mitre: CVE-2012-5688
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | bind-chroot | < 9.8.2-0.10.rc1.26.amzn1 | bind-chroot-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-devel | < 9.8.2-0.10.rc1.26.amzn1 | bind-devel-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-sdb | < 9.8.2-0.10.rc1.26.amzn1 | bind-sdb-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-utils | < 9.8.2-0.10.rc1.26.amzn1 | bind-utils-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind | < 9.8.2-0.10.rc1.26.amzn1 | bind-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-libs | < 9.8.2-0.10.rc1.26.amzn1 | bind-libs-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-debuginfo | < 9.8.2-0.10.rc1.26.amzn1 | bind-debuginfo-9.8.2-0.10.rc1.26.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | bind-debuginfo | < 9.8.2-0.10.rc1.26.amzn1 | bind-debuginfo-9.8.2-0.10.rc1.26.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind-sdb | < 9.8.2-0.10.rc1.26.amzn1 | bind-sdb-9.8.2-0.10.rc1.26.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind-libs | < 9.8.2-0.10.rc1.26.amzn1 | bind-libs-9.8.2-0.10.rc1.26.amzn1.x86_64.rpm |
Related
nessus
nessus
openSUSE Security Update : bind (openSUSE-SU-2012:1649-1)
2014-06-13 00:00:00
ISC BIND 9 DNS64 Handling DoS
2012-12-06 00:00:00
CentOS 6 : bind (CESA-2012:1549)
2012-12-09 00:00:00
freebsd
freebsd
dns/bind9* -- servers using DNS64 can be crashed by a crafted query
2012-11-27 00:00:00
FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query
2013-02-19 00:00:00
openvas
openvas
RedHat Update for bind RHSA-2012:1549-01
2012-12-10 00:00:00
CentOS Update for bind CESA-2012:1549 centos6
2012-12-10 00:00:00
ISC BIND DNS64 Remote Denial of Service Vulnerability (Jan 2016)
2016-01-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package bind version 9.9.2-alt3
2012-12-11 00:00:00
Security fix for the ALT Linux 9 package bind version 9.9.2-alt3
2012-12-11 00:00:00
Security fix for the ALT Linux 8 package bind version 9.9.2-alt3
2012-12-11 00:00:00
debiancve
debiancve
CVE-2012-5688
2012-12-06 11:45:00
redhat
redhat
(RHSA-2012:1549) Important: bind security update
2012-12-06 00:00:00
securityvulns
securityvulns
ISC bind DoS
2012-12-06 00:00:00
prion
prion
Design/Logic Flaw
2012-12-06 11:45:00
seebug
seebug
ISC BIND 9 DNS64 REQUIRE断言失败拒绝服务漏洞
2012-12-11 00:00:00
ubuntu
ubuntu
Bind vulnerability
2012-12-06 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:01.bind
2013-02-19 00:00:00
oraclelinux
oraclelinux
bind security update
2012-12-06 00:00:00
bind security and enhancement update
2013-02-28 00:00:00
ubuntucve
ubuntucve
CVE-2012-5688
2012-12-05 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: bind-9.9.2-5.P1.fc18
2012-12-10 07:10:53
[SECURITY] Fedora 17 Update: bind-9.9.2-3.P1.fc17
2012-12-13 05:50:23
[SECURITY] Fedora 16 Update: bind-9.8.4-3.P1.fc16
2012-12-29 06:29:14
cve
cve
CVE-2012-5688
2012-12-06 11:45:00
centos
centos
bind security update
2012-12-06 22:45:49
slackware
slackware
[slackware-security] bind
2012-12-07 03:50:45
threatpost
threatpost
Six Security Flaws Fixed in BIND 9.9.2
2012-12-05 16:15:32
gentoo
gentoo
BIND: Denial of service
2014-01-29 00:00:00
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.035 Low
EPSS
Percentile
91.4%
Related for ALAS-2012-146