CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
95.0%
CentOS Errata and Security Advisory CESA-2011:1458
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.
A flaw was discovered in the way BIND handled certain DNS queries, which
caused it to cache an invalid record. A remote attacker could use this
flaw to send repeated queries for this invalid record, causing the
resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)
Users of bind are advised to upgrade to these updated packages, which
resolve this issue. After installing the update, the BIND daemon (named)
will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-November/080369.html
https://lists.centos.org/pipermail/centos-announce/2011-November/080370.html
Affected packages:
bind
bind-chroot
bind-devel
bind-libbind-devel
bind-libs
bind-sdb
bind-utils
caching-nameserver
Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1458
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | bind | < 9.3.6-16.P1.el5_7.1 | bind-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | bind-chroot | < 9.3.6-16.P1.el5_7.1 | bind-chroot-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | bind-devel | < 9.3.6-16.P1.el5_7.1 | bind-devel-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | bind-libbind-devel | < 9.3.6-16.P1.el5_7.1 | bind-libbind-devel-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | bind-libs | < 9.3.6-16.P1.el5_7.1 | bind-libs-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | bind-sdb | < 9.3.6-16.P1.el5_7.1 | bind-sdb-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | bind-utils | < 9.3.6-16.P1.el5_7.1 | bind-utils-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | i386 | caching-nameserver | < 9.3.6-16.P1.el5_7.1 | caching-nameserver-9.3.6-16.P1.el5_7.1.i386.rpm |
CentOS | 5 | x86_64 | bind | < 9.3.6-16.P1.el5_7.1 | bind-9.3.6-16.P1.el5_7.1.x86_64.rpm |
CentOS | 5 | x86_64 | bind-chroot | < 9.3.6-16.P1.el5_7.1 | bind-chroot-9.3.6-16.P1.el5_7.1.x86_64.rpm |