openSUSE Security Update : bind (openSUSE-SU-2012:0722-1)

A remote denial of service in the bind nameserver via zero length rdata fields was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-316. The text description of this plugin...

GLSA-201209-04 : BIND: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201209-04 BIND: Multiple vulnerabilities Multiple vulnerabilities have been discovered in BIND: Domain names are not properly revoked due to an error in the cache update policy CVE-2012-1033. BIND accepts records with zero-length...

FreeBSD : dns/bind9* -- Several vulnerabilities (53a0ddef-0208-11e2-8afa-0024e830109b)

ISC reports : Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes. Prevents a crash when validating caused by using 'Bad cache' data before it has been initialized. ISCQUEUE handling for recursive clients was updated to address a race condition that could cause a memory lea...

bind: handling of zero length rdata can cause named to terminate unexpectedly

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

FreeBSD : FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8) (fc5231b6-c066-11e1-b5e0-000c299b62e1)

Problem description : The named8 server does not properly handle DNS resource records where the RDATA field is zero length, which may cause various issues for the servers handling them. Resolving servers may crash or disclose some portion of memory to the client. Authoritative servers may crash o...

FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8)

Problem description: The named8 server does not properly handle DNS resource records where the RDATA field is zero length, which may cause various issues for the servers handling them. Resolving servers may crash or disclose some portion of memory to the client. Authoritative servers may crash on...

bind: Fixed a remote denial of service (important)

A remote denial of service in the bind nameserver via zero length rdata fields was fixed...

bind: handling of zero length rdata can cause named to terminate unexpectedly

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

DEBIAN-CVE-2012-1667

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory

ISC reports: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers...

ISC BIND 9 zero length rdata named vulnerability

Overview ISC BIND 9 named contains a vulnerability that could allow a attacker to cause named to terminate unexpectedly. Description According to ISC's security advisory:This problem was uncovered while testing with experimental DNS record types. It is possible to add records to BIND with null ze...

ISC BIND Zero Length RDATA Denial of Service - Ver2 (CVE-2012-1667)

A denial of service vulnerability has been reported in ISC BIND. The vulnerability is due to improper handling of zero-length RDATA in certain record types. A remote attacker can exploit this issue by loading a specially crafted file to the DNS server. Successful exploitation would cause the serv...