148 matches found
bind: TKEY query handling flaw leading to denial of service
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.7P2-i486-1slack14.1.txz: Upgraded. This update fixes a security issue where an error in the handling...
[SECURITY] [DLA 285-1] bind9 security update
Package : bind9 Version : 1:9.7.3.dfsg-1squeeze16 CVE ID : CVE-2015-5477 Jonathan Foote discovered that the BIND DNS server does not properly handle TKEY queries. A remote attacker can take advantage of this flaw to mount a denial of service via a specially crafted query triggering an assertion...
Critical: bind
Issue Overview: As reported upstream https://kb.isc.org/article/AA-01272/0, an error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit...
DLA-285-1 bind9 - security update
Bulletin has no description...
DSA-3319-1 bind9 - security update
Bulletin has no description...
UBUNTU-CVE-2015-5477
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via TKEY queries...
bind -- denial of service vulnerability
ISC reports: An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit...