USN-418-1: Bind vulnerabilities

A flaw was discovered in Bind's DNSSEC validation code. Remote attackers could send a specially crafted DNS query which would cause the Bind server to crash, resulting in a denial of service. Only servers configured to use DNSSEC extensions were vulnerable...

Moderate: bind security update

20:9.2.4-24.EL4 - fixed a multilib regression 20:9.2.4-22.EL4 - added fix for 225222: CVE-2007-0494 BIND dnssec denial of service 20:9.2.4-20.EL4 - fix bug 203070: rndc.conf change breaks working bind config - fix bug 204288: postinstall scriptlet sets wrong permission 0655 20:9.2.4-18.EL4 - fix...

[SECURITY] Fedora Core 6 Update: bind-9.3.4-1.fc6

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

rPSA-2007-0021-1 bind bind-utils

rPath Security Advisory: 2007-0021-1 Published: 2007-01-25 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: bind=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1 bind-utils=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1 Reference...

[slackware-security] bind

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix denial of service security issues. Versions of bind-9.2.x older than bind-9.2.8, and versions of bind-9.3.x older than 9.3.4 can be made to crash with malformed local or remote data. More details about...

DSA-1254-1 bind9

Bulletin has no description...

CVE-2007-0493

CVE-2007-0493 is a use-after-free in ISC BIND that allows remote attackers to cause a named daemon crash by dereferencing a freed fetch context. Affected BIND versions include 9.3.0–9.3.3, 9.4.0a1–9.4.0a6, 9.4.0b1–9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only). The issue stems from accessing me...

MS Internet Explorer VML Download and Execute Exploit (MS07-004)

Exploit for unknown platform in category remote exploits ================================================================ MS Internet Explorer VML Download and Execute Exploit MS07-004 ================================================================ c pang0 // www.tcbilisim.org bug found3d by...

Mandrake Linux Security Advisory : bind (MDKSA-2006:163)

A vulnerability in BIND was discovered where it did not sufficiently verify particular requests and responses from other name servers and users. This could be exploited by sending a specially crafted packet to crash the name server. Updated packages have been patched to address these issues...

[OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory OpenPKG GmbH http://openpkg.org/security/ http://openpkg.com OpenPKG-SA-2006.033 2006-11-10 Package: openldap Vulnerability: denial of service OpenPKG Specific: no Affected Series: Affected Packages: Corrected Packages:...

[slackware-security] bind

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. The minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws in older versions these patches were already issued for Slackware. ...

[OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory OpenPKG GmbH http://openpkg.org/security/ http://openpkg.com OpenPKG-SA-2006.029 2006-11-04 Package: bind Vulnerability: signature verification failure OpenPKG Specific: no Affected Series: Affected Packages: Corrected...

BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (2)

No description provided by source. / copyright LAST STAGE OF DELIRIUM feb 2001 poland ://lsd-pl.net/ / / bind 8.2 8.2.1 8.2.2 8.2.2-PX Slackware 4.0/RedHat 6.2 / / The code establishes a TCP connection with port 53 of a target system. / / It makes use of the "infoleak" bug through UDP to obtain t...

GLSA-200609-11 : BIND: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200609-11 BIND: Denial of Service Queries for SIG records will cause an assertion error if more than one SIG RRset is returned. Additionally, an INSIST failure can be triggered by sending multiple recursive queries if the response...

[slackware-security] bind DoS

New bind packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a Denial of Service issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-4095 https://vulners.com/cve/CVE-2006-4096...

CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

CVE-2006-4095

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via certain SIG queries, which cause an assertion failure when multiple RRsets are returned...

CVE-2006-4095

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via certain SIG queries, which cause an assertion failure when multiple RRsets are returned...

CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

DEBIAN-CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...