bind9 - security update

2015-12-1700:00:00

Google

osv.dev

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

It was discovered that the BIND DNS server does not properly handle the
parsing of incoming responses, allowing some records with an incorrect
class to be accepted by BIND instead of being rejected as malformed.
This can trigger a REQUIRE assertion failure when those records are
subsequently cached. A remote attacker can exploit this flaw to cause a
denial of service against servers performing recursive queries.

CPENameOperatorVersion
bind9eq1:9.7.3.dfsg-1~squeeze3~bpo50+1
bind9eq1:9.7.3.dfsg-1~squeeze7
bind9eq1:9.7.3.dfsg-1~squeeze14
bind9eq1:9.7.3.dfsg-1~squeeze15
bind9eq1:9.7.3.dfsg-1~squeeze11
bind9eq1:9.7.3.dfsg-1~squeeze2~bpo50+1
bind9eq1:9.7.3.dfsg-1~squeeze16
bind9eq1:9.7.3.dfsg-1~squeeze3
bind9eq1:9.7.3.dfsg-1~squeeze9
bind9eq1:9.7.3.dfsg-1~squeeze6

Name	Operator	Version
bind9	eq	1:9.7.3.dfsg-1~squeeze3~bpo50+1
bind9	eq	1:9.7.3.dfsg-1~squeeze7
bind9	eq	1:9.7.3.dfsg-1~squeeze14
bind9	eq	1:9.7.3.dfsg-1~squeeze15
bind9	eq	1:9.7.3.dfsg-1~squeeze11
bind9	eq	1:9.7.3.dfsg-1~squeeze2~bpo50+1
bind9	eq	1:9.7.3.dfsg-1~squeeze16
bind9	eq	1:9.7.3.dfsg-1~squeeze3
bind9	eq	1:9.7.3.dfsg-1~squeeze9
bind9	eq	1:9.7.3.dfsg-1~squeeze6