ISC BIND DoS Vulnerability (CVE-2012-5689) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

F5 Networks BIG-IP : BIND vulnerability (SOL14601)

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for an AAAA record. C Tenable...

Amazon Linux: Security Advisory (ALAS-2013-158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2693-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Bind vulnerabilities (USN-2693-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2693-1 advisory. Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. A remote attacker could use this issue with a specially crafted packet to...

OracleVM 3.3 : bind (OVMSA-2014-0084)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-8500 1171973 - Use /dev/urandom when generating rndc.key file 951255 - Remove bogus file from /usr/share/doc, introduced by fix for bug 1092035 - Add support for TLSA resource records...

Oracle Linux 6 : bind (ELSA-2014-0043)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0043 advisory. - Fix CVE-2014-0591 - fix CVE-2013-4854 - fix CVE-2013-2266 - fix CVE-2012-5689 Tenable has extracted the preceding description block directly from the Oracle...

Amazon Linux AMI : bind (ALAS-2013-158)

A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones RPZ. If a remote attacker sent a specially crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by...

SOL14601 - BIND vulnerability CVE-2012-5689

Vulnerability Recommended Actions If using DNS64 and RPZs together, you can mitigate this vulnerability by verifying that the RPZ contains an AAAA rewrite rule for every A rewrite rule in the zone. If the RPZ provides an AAAA answer without the assistance of DNS64, the vulnerability is not...

Oracle Linux 6 : bind (ELSA-2013-0550)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0550 advisory. - fix CVE-2012-5689 - fix CVE-2012-5688 - fix CVE-2012-5166 - fix CVE-2012-4244 - fix CVE-2012-3817 Tenable has extracted the preceding description block direct...

CentOS 6 : bind (CESA-2013:0550)

"Updated bind packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Medium: bind

Issue Overview: A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones RPZ. If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not...

bind security update

CentOS Errata and Security Advisory CESA-2013:0550 Updated bind packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scorin...

RedHat Update for bind RHSA-2013:0550-01

Check for the Version of bind OpenVAS Vulnerability Test RedHat Update for bind RHSA-2013:0550-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

RedHat Update for bind RHSA-2013:0550-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 6 : bind (RHSA-2013:0550)

"Updated bind packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

ISC BIND 9 DNS64 远程拒绝服务漏洞

BUGTRAQ ID: 57556 CVECAN ID: CVE-2012-5689 BIND是一个应用非常广泛的DNS协议的实现。 ISC BIND 9.8.x、9.9.x在某些配置中，DNS64的响应策略区域缺少AAAA重写规则，远程攻击者通过AAAA记录查询，可造成拒绝服务（断言失败并退出指定程序）。 0 ISC BIND 9.9.x ISC BIND 9.8.x 临时解决方法： 2013年1月24日厂商已经发布beta版本，修复了此漏洞。如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁： 确保RPZ包含每个A重写规则的AAAA重写规则。 厂商补丁： IS...

CVE-2012-5689

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for an AAAA record...

CVE-2012-5689

The CVE-2012-5689 issue affects ISC BIND 9.8.x–9.9.2-P1 when DNS64 with RPZ is used without an AAAA rewrite rule, allowing remote attackers to cause a DoS via an AAAA query (assertion failure and named exit). Affected configurations point to DNS64 + RPZ Rewriting; mitigation in practice is to ens...

Slackware: Security Advisory (SSA:2012-284-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...