40 matches found
MiracleLinux 7 : bind-9.9.4-38.2.0.1.el7.AXS7 (AXSA:2017-1297:02)
"The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1297:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names...
Security Bulletin: Vulnerabilities in BIND affect Power Hardware Management Console
Summary BIND is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-9778 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by the improper handling of specific queries when using the nxdomain-redirect feature...
SUSE: Security Advisory (SUSE-SU-2017:0596-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2017-1025)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM i is affected by networking BIND vulnerabilities (CVE-2016-9131, CVE-2016-9444, CVE-2016-9147, CVE-2016-9778 and CVE-2017-3135)
Summary ISC BIND is vulnerable to several security vulnerabilities. IBM i has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-9778 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by the improper handling of specific queries when using the nxdomain-redirec...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in bind (CVE-2017-3135)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in bind. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in bind. Vulnerability Details CVEID: CVE-2017-3135 Description: ISC BIND is vulnerabl...
CVE-2017-3135
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...
CVE-2017-3135
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...
CVE-2017-3135
ISC BIND 9 DNS64 and RPZ combined can crash the server. CVE-2017-3135 causes an assertion failure or NULL pointer dereference when query responses are rewritten with both DNS64 and RPZ enabled, leading to a denial of service. Affected versions include BIND 9.8.8 and 9.9.3–9.9.9 (S1–S7/P5), 9.9.10...
CVE-2017-3135
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...
GLSA-201708-01 : BIND: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201708-01 BIND: Multiple vulnerabilities Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially crafted DNS request ...
Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-0276)
"An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ISC BIND DNS64 and RPZ Query Processing Denial of Service (CVE-2017-3135)
A denial-of-service vulnerability exists in ISC BIND. The vulnerability is due to a defect that can cause the named service to exit with an assertion failure or crash due to a NULL pointer dereference while processing a query and running a specific configuration. A remote, unauthenticated attacke...
EulerOS 2.0 SP2 : bind (EulerOS-SA-2017-1026)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this fla...
USN-3201-1: Bind vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that Bind incorrectly handled rewriting certain query responses when using both DNS64 and RPZ. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a deni...
openSUSE Security Update : bind (openSUSE-2017-314)
This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc1024130 This update was imported from the SUSE:SLE-12-SP1:Update update project. %NASLMINLEVEL 70300 C Tenable Network...
Fedora 24 : bind99 (2017-d0c9bf9508)
Security fix for CVE-2017-3135 unaffected, fixes regression made by CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 25 : bind99 (2017-96b7f4f53e)
Security fix for CVE-2017-3135 unaffected, fixes regression made by CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
SUSE SLES12 Security Update : bind (SUSE-SU-2017:0594-1)
This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc1024130 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0596-1)
This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc1024130 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...