117 matches found
Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20170705)
Security Fixes : - A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update...
RHEL 6 : bind (RHSA-2017:1679)
"An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
bind security update
CentOS Errata and Security Advisory CESA-2017:1680 An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: bind security and bug fix update
An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: bind security and bug fix update
An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
[BSA-116] Security Update for openvpn
Bernhard Schmidt uploaded new packages for openvpn which fixed the following security problems: CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application...
Important: Red Hat Security Advisory: bind security and bug fix update
An update for bind is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
BSA-2017-339
Security Advisory ID : BSA-2017-339 Component : OpenVPN Revision : 2.0: Interim An authenticated client can cause the server's the packet-id counter to roll over, which would lead the server process to hit anASSERT and stop running. To make the server hit theASSERT, the client must first cause th...
DEBIAN-CVE-2017-7479
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker...
UBUNTU-CVE-2017-7479
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker...
Mandriva Linux Security Advisory : bind (MDVSA-2015:165)
Updated bind packages fix security vulnerabilities : By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the...
Debian DLA-163-1 : bind9 security update
Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives 'dnssec-validation...
[SECURITY] [DLA 163-1] bind9 security update
Package : bind9 Version : 1:9.7.3.dfsg-1squeeze14 CVE ID : CVE-2015-1349 Debian Bug : 778733 Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operators part, or due to interference with network traffic...
MGASA-2015-0082 Updated bind packages fix CVE-2015-1349
Updated bind packages fix security vulnerability: Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects...
Updated bind packages fix CVE-2015-1349
Updated bind packages fix security vulnerability: Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects...
Debian DSA-3162-1 : bind9 - security update
Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives 'dnssec-validation...
[SECURITY] [DSA 3162-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3162-1 [email protected] http://www.debian.org/security/ Florian Weimer February 18, 2015 http://www.debian.org/security/faq -...
DSA-3162-1 bind9 - security update
Bulletin has no description...
Debian Security Advisory DSA 3162-1 (bind9 - security update)
Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator OpenVAS Vulnerability Test $Id: deb3162.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3162-1 using nvtgen 1.0 Scri...
AIX 6.1 TL 4 : bind9 (IV01118)
The security status of an NS RRset is not properly determined during a DNSKEY algorithm rollover which can allow a remote attacker to cause a denial of service. Signed negative responses and corresponding RRSIG records in the cache are not properly handled which can allow a remote attacker to cau...