3 matches found
Debian DLA-48-1 : bind9 security update
Fix denial of service attack when processing NSEC3-signed zone queries, fixed by not calling memcpy with overlapping ranges in bin/named/query.c. - patch backported from 9.8.6-P2 by Marc Deslauriers from the Ubuntu Security team for USN-2081-1. NOTE: Tenable Network Security has extracted the...
[SECURITY] [DLA 48-1] bind9 security update
Package : bind9 Version : 9.7.3.dfsg-1squeeze12 CVE ID : CVE-2014-0591 Debian Bug : 735190 Fix denial of service attack when processing NSEC3-signed zone queries, fixed by not calling memcpy with overlapping ranges in bin/named/query.c. - patch backported from 9.8.6-P2 by Marc Deslauriers from th...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : bind9 vulnerability (USN-2081-1)
Jared Mauch discovered that Bind incorrectly handled certain queries for NSEC3-signed zones. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding...