Mageia: Security Advisory (MGASA-2015-0341)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: bind-9.9.6-11.P1.fc21

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 22 Update: bind-9.10.2-5.P4.fc22

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

CentOS Update for bind97 CESA-2015:1707 centos5

Check the version of bind97 SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882278";...

bind: malformed DNSSEC key failed assertion denial of service

A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query for example, a query requiring a response from a zone containing a deliberately malformed key that would cause named functioning as ...

bind: malformed DNSSEC key failed assertion denial of service

A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query for example, a query requiring a response from a zone containing a deliberately malformed key that would cause named functioning as ...

bind -- denial of service vulnerability

ISC reports: Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a deliberately...

[SECURITY] Fedora 22 Update: bind-9.10.2-4.P3.fc22

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

Important: Red Hat Security Advisory: bind security update

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

ISC BIND 'isselfsigned()' Denial of Service Vulnerability

BIND is a very widely used implementation of the DNS protocol. ISC BIND name.c is configured as a DNSSEC-verifiable recursive resolver, allowing remote attackers to construct domain data, query the domain name, and submit special requests that can crash the backend program...

SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:1205-1)

bind was updated to fix two security issues : CVE-2015-1349: A problem with trust anchor management could have caused named to crash bsc918330. CVE-2015-4620: Fix resolver crash when validating bsc936476. Note that Tenable Network Security has extracted the preceding description block directly fr...

SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:1204-1)

bind was updated to fix two security issues. These security issues were fixed : - CVE-2015-1349: Named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allowed remote attackers to cause a denial of servic...

DEBIAN-CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

UBUNTU-CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

SUSE-SU-2015:1204-1 Security update for bind

bind was updated to fix two security issues. These security issues were fixed: - CVE-2015-1349: Named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allowed remote attackers to cause a denial of service...

bind: denial of service

A very uncommon combination of zone data has been found that triggers a bug in BIND, with the result that named will exit with a "REQUIRE" failure in name.c when validating the data returned in answer to a recursive query. This means that a recursive resolver that is performing DNSSEC validation...

SUSE SLES11 Security Update : glibc (SUSE-SU-2013:1251-1)

This collective update for the GNU C library glibc provides the following fixes and enhancements : Security issues fixed : - Fix stack overflow in getaddrinfo with many results. bnc813121, CVE-2013-1914 - Fix a different stack overflow in getaddrinfo with many results. bnc828637 - Fix array...

Mozilla Firefox for Android DNS Spoofing Vulnerability

Mozilla Firefox is a popular web browser, and Google Android is a Linux-based open source operating system used mainly in portable devices. A security vulnerability exists in Mozilla Firefox for Android DNS resolution, as the PRNG implementation in DNS resolver fails to correctly use time and PID...