8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:N/A:C
0.94 High
EPSS
Percentile
98.9%
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.
A flaw was found in the way BIND handled zero length resource data records.
A malicious owner of a DNS domain could use this flaw to create
specially-crafted DNS resource records that would cause a recursive
resolver or secondary server to crash or, possibly, disclose portions of
its memory. (CVE-2012-1667)
Users of bind are advised to upgrade to these updated packages, which
correct this issue. After installing the update, the BIND daemon (named)
will be restarted automatically.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | i386 | bind-libs | < 9.2.4-39.el4 | bind-libs-9.2.4-39.el4.i386.rpm |
RedHat | 4 | i386 | bind-utils | < 9.2.4-39.el4 | bind-utils-9.2.4-39.el4.i386.rpm |
RedHat | 4 | i386 | bind | < 9.2.4-39.el4 | bind-9.2.4-39.el4.i386.rpm |
RedHat | 4 | ia64 | bind-utils | < 9.2.4-39.el4 | bind-utils-9.2.4-39.el4.ia64.rpm |
RedHat | 4 | ia64 | bind | < 9.2.4-39.el4 | bind-9.2.4-39.el4.ia64.rpm |
RedHat | 4 | src | bind | < 9.2.4-39.el4 | bind-9.2.4-39.el4.src.rpm |
RedHat | 4 | ia64 | bind-devel | < 9.2.4-39.el4 | bind-devel-9.2.4-39.el4.ia64.rpm |
RedHat | 4 | x86_64 | bind | < 9.2.4-39.el4 | bind-9.2.4-39.el4.x86_64.rpm |
RedHat | 4 | i386 | bind-devel | < 9.2.4-39.el4 | bind-devel-9.2.4-39.el4.i386.rpm |
RedHat | 4 | ia64 | bind-libs | < 9.2.4-39.el4 | bind-libs-9.2.4-39.el4.ia64.rpm |