ISC BIND rndc Control Channel Interface Assertion Failure Denial of Service (CVE-2017-3138)

A denial-of-service vulnerability exist in ISC BIND. The vulnerability is due to improper handling of a null command string sent to rndc control channel interface. A remote, authenticated attacker could exploit this vulnerability by sending a maliciously crafted packet to the rndc control channel...

Debian DSA-3854-1 : bind9 - security update

Several vulnerabilities were discovered in BIND, a DNS server implementation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-3136 Oleg Gorokhov of Yandex discovered that BIND does not properly handle certain queries when using DNS64 with the...

[SECURITY] [DSA 3854-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3854-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2017 https://www.debian.org/security/faq -...

ISC BIND 9 < 9.9.9-P8 / 9.9.9-S10 / 9.9.10rc3 / 9.10.4-P8 / 9.10.5rc3 / 9.11.0-P5 / 9.11.1r3 Multiple Vunlerabilities

According to its self-reported version, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P8 or 9.9.9-S10, 9.10.x prior to 9.10.4-P8, or 9.11.x prior to 9.11.0-P5. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exist...