Lucene search
AmazonALAS-2015-490HistoryMar 13, 2015 - 2:33 a.m.
Medium: bind
2015-03-1302:33:00
alas.aws.amazon.com
13
5.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.069 Low
EPSS
Percentile
93.9%
Issue Overview:
A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions.
Affected Packages:
bind
Issue Correction:
Run yum update bind to update your system.
New Packages:
i686:
bind-devel-9.8.2-0.30.rc1.36.amzn1.i686
bind-libs-9.8.2-0.30.rc1.36.amzn1.i686
bind-utils-9.8.2-0.30.rc1.36.amzn1.i686
bind-debuginfo-9.8.2-0.30.rc1.36.amzn1.i686
bind-9.8.2-0.30.rc1.36.amzn1.i686
bind-chroot-9.8.2-0.30.rc1.36.amzn1.i686
bind-sdb-9.8.2-0.30.rc1.36.amzn1.i686
src:
bind-9.8.2-0.30.rc1.36.amzn1.src
x86_64:
bind-devel-9.8.2-0.30.rc1.36.amzn1.x86_64
bind-9.8.2-0.30.rc1.36.amzn1.x86_64
bind-debuginfo-9.8.2-0.30.rc1.36.amzn1.x86_64
bind-sdb-9.8.2-0.30.rc1.36.amzn1.x86_64
bind-libs-9.8.2-0.30.rc1.36.amzn1.x86_64
bind-utils-9.8.2-0.30.rc1.36.amzn1.x86_64
bind-chroot-9.8.2-0.30.rc1.36.amzn1.x86_64
Additional References
Red Hat: CVE-2015-1349
Mitre: CVE-2015-1349
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | bind-devel | < 9.8.2-0.30.rc1.36.amzn1 | bind-devel-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-libs | < 9.8.2-0.30.rc1.36.amzn1 | bind-libs-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-utils | < 9.8.2-0.30.rc1.36.amzn1 | bind-utils-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-debuginfo | < 9.8.2-0.30.rc1.36.amzn1 | bind-debuginfo-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind | < 9.8.2-0.30.rc1.36.amzn1 | bind-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-chroot | < 9.8.2-0.30.rc1.36.amzn1 | bind-chroot-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-sdb | < 9.8.2-0.30.rc1.36.amzn1 | bind-sdb-9.8.2-0.30.rc1.36.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | bind-devel | < 9.8.2-0.30.rc1.36.amzn1 | bind-devel-9.8.2-0.30.rc1.36.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind | < 9.8.2-0.30.rc1.36.amzn1 | bind-9.8.2-0.30.rc1.36.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind-debuginfo | < 9.8.2-0.30.rc1.36.amzn1 | bind-debuginfo-9.8.2-0.30.rc1.36.amzn1.x86_64.rpm |
Related
securityvulns
securityvulns
ISC bind named DoS
2015-02-22 00:00:00
[USN-2503-1] Bind vulnerability
2015-02-22 00:00:00
nessus
nessus
Amazon Linux AMI : bind (ALAS-2015-490)
2015-03-17 00:00:00
Fedora 20 : bind-9.9.4-18.P2.fc20 (2015-2548)
2015-03-06 00:00:00
CentOS 6 / 7 : bind (CESA-2015:0672)
2015-03-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:05:02
f5
f5
SOL16356 - BIND vulnerability CVE-2015-1349
2015-04-02 00:00:00
K16356 : BIND vulnerability CVE-2015-1349
2015-09-16 00:00:00
cisa
cisa
ISC Releases Security Updates for BIND
2015-02-18 00:00:00
debian
debian
[SECURITY] [DLA 163-1] bind9 security update
2015-03-01 19:00:55
[SECURITY] [DSA 3162-1] bind9 security update
2015-02-18 21:23:18
openvas
openvas
Debian: Security Advisory (DLA-163-1)
2023-03-08 00:00:00
ISC BIND Denial of Service Vulnerability (CVE-2015-1349)
2016-01-27 00:00:00
Debian: Security Advisory (DSA-3162-1)
2015-02-17 00:00:00
mageia
mageia
Updated bind packages fix CVE-2015-1349
2015-02-21 21:03:39
redhat
redhat
(RHSA-2015:0672) Moderate: bind security update
2015-03-10 15:07:28
ibm
ibm
osv
osv
bind9 - security update
2015-02-18 00:00:00
bind9 - security update
2015-03-01 00:00:00
centos
centos
bind security update
2015-03-11 11:18:31
prion
prion
Design/Logic Flaw
2015-02-19 03:01:00
ubuntucve
ubuntucve
CVE-2015-1349
2015-02-18 00:00:00
cve
cve
CVE-2015-1349
2015-02-19 03:01:00
oraclelinux
oraclelinux
bind security update
2015-03-12 00:00:00
debiancve
debiancve
CVE-2015-1349
2015-02-19 03:01:00
ubuntu
ubuntu
Bind vulnerability
2015-02-18 00:00:00
freebsd
freebsd
bind -- denial of service vulnerability
2015-02-18 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:05.bind
2015-02-25 00:00:00
suse
suse
Security update for bind (important)
2015-07-08 16:08:18
Security update for bind (important)
2015-07-31 12:08:25
fedora
fedora
[SECURITY] Fedora 21 Update: bind-9.9.6-8.P1.fc21
2015-03-05 12:38:47
[SECURITY] Fedora 20 Update: bind-9.9.4-18.P2.fc20
2015-03-05 12:38:53
[SECURITY] Fedora 21 Update: bind-9.9.6-9.P1.fc21
2015-07-21 08:22:09
slackware
slackware
[slackware-security] bind
2015-04-22 02:16:38
gentoo
gentoo
BIND: Denial of service
2015-10-18 00:00:00
5.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.069 Low
EPSS
Percentile
93.9%
Related for ALAS-2015-490