Lucene search

Veracode Vulnerability DatabaseVERACODE:11870

HistoryJan 15, 2019 - 9:09 a.m.

Denial Of Service (DoS)

2019-01-1509:09:11

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

bind is vulnerable to denial of service. A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash.

CPENameOperatorVersion
bindeq9.3.6__20.P1.el5_8.4
bindeq9.7.0__5.P2.el6_0.1
bindeq9.3.3__7.el5
bindeq9.3.4__6.0.3.P1.el5_2
bindeq9.3.6__4.P1.el5_5.3
bindeq9.3.3__8.el5
bindeq9.8.2__0.17.rc1.el6.3
bindeq9.3.6__20.P1.el5
bindeq9.8.2__0.30.rc1.el6
bindeq9.8.2__0.10.rc1.el6_3.2

Name	Operator	Version
bind	eq	9.3.6__20.P1.el5_8.4
bind	eq	9.7.0__5.P2.el6_0.1
bind	eq	9.3.3__7.el5
bind	eq	9.3.4__6.0.3.P1.el5_2
bind	eq	9.3.6__4.P1.el5_5.3
bind	eq	9.3.3__8.el5
bind	eq	9.8.2__0.17.rc1.el6.3
bind	eq	9.3.6__20.P1.el5
bind	eq	9.8.2__0.30.rc1.el6
bind	eq	9.8.2__0.10.rc1.el6_3.2

Rows per page:

1-10 of 641

References

lists.fedoraproject.org/pipermail/package-announce/2015-December/174143.html

lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html

lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html

lists.fedoraproject.org/pipermail/package-announce/2015-December/174520.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00027.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00028.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html

marc.info/?l=bugtraq&m=145680832702035&w=2

packetstormsecurity.com/files/134882/FreeBSD-Security-Advisory-BIND-Denial-Of-Service.html

rhn.redhat.com/errata/RHSA-2015-2655.html

rhn.redhat.com/errata/RHSA-2015-2656.html

rhn.redhat.com/errata/RHSA-2015-2658.html

rhn.redhat.com/errata/RHSA-2016-0078.html

rhn.redhat.com/errata/RHSA-2016-0079.html

www.debian.org/security/2015/dsa-3420

www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/bid/79349

www.securitytracker.com/id/1034418

www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966

www.ubuntu.com/usn/USN-2837-1

access.redhat.com/security/updates/classification/#important

blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/

blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923105

kb.isc.org/article/AA-01317

kb.isc.org/article/AA-01380

kb.isc.org/article/AA-01438

rhn.redhat.com/errata/RHSA-2015-2656.html

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for VERACODE:11870