213 matches found
unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet
A flaw was found in unbound. A reachable assertion in the dnamepktcopy function can be triggered by sending invalid packets to the server. The highest threat from this vulnerability is to service availability...
openSUSE Security Update : bind (openSUSE-2021-668)
This update for bind fixes the following issues : - CVE-2021-25214: Fixed a broken inbound incremental zone update IXFR which could have caused named to terminate unexpectedly bsc1185345. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records...
OPENSUSE-SU-2021:0668-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update IXFR which could have caused named to terminate unexpectedly bsc1185345. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records...
SUSE-SU-2021:1468-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update IXFR which could have caused named to terminate unexpectedly bsc1185345. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact ...
bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 7 : bind (RHSA-2021:1476)
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1476 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
RHEL 7 : bind (RHSA-2021:1475)
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1475 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
Debian DSA-4909-1 : bind9 - security update
Several vulnerabilities were discovered in BIND, a DNS server implementation. - CVE-2021-25214 Greg Kuechle discovered that a malformed incoming IXFR transfer could trigger an assertion failure in named, resulting in denial of service. - CVE-2021-25215 Siva Kakarla discovered that named could cra...
[SECURITY] [DSA 4909-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4909-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 01, 2021 https://www.debian.org/security/faq -...
ISC BIND DNAME Recursion DoS (CVE-2021-25215)
According to its self-reported version, the ISC Bind present on the remote host is affected by a denial of service vulnerability: - DNAME records, described in RFC 6672, provide a way to redirect a subtree of the domain name tree in the DNS. A flaw in the way named processes these records may...
bind security update
32:9.11.4-26.P2.5 - Possible assertion failure on DNAME processing CVE-2021-25215...
ISC BIND DoS Vulnerability (CVE-2021-25215) - Windows
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
ISC BIND DoS Vulnerability (CVE-2021-25215) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CentOS 7 : bind (RHSA-2021:1469)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1469 advisory. - In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as...
bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...
USN-4929-1: Bind vulnerabilities
Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2021-25214 Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote...
CVE-2021-25215
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability. Mitigation Red Hat has investigated whether a possible...
ISC BIND 安全漏洞
ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND that stems from the fact that when answering a query for a DNAME, an assertion check may fail to process a record that requires a DNAME to resolve...