Veracode Vulnerability DatabaseVERACODE:24775Denial Of Service(DoS)
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
The Berkeley Internet Name Domain (BIND) is vulnerable to denial of service (DoS). A flaw discovered in the way BIND handled certain DNS queries caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion.
References
blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of
lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html
lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html
lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html
lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html
lists.opensuse.org/opensuse-security-announce/2011-11/msg00028.html
lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html
marc.info/?l=bugtraq&m=132310123002302&w=2
marc.info/?l=bugtraq&m=133978480208466&w=2
marc.info/?l=bugtraq&m=141879471518471&w=2
osvdb.org/77159
secunia.com/advisories/46536
secunia.com/advisories/46829
secunia.com/advisories/46887
secunia.com/advisories/46890
secunia.com/advisories/46905
secunia.com/advisories/46906
secunia.com/advisories/46943
secunia.com/advisories/46984
secunia.com/advisories/47043
secunia.com/advisories/47075
secunia.com/advisories/48308
security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc
support.apple.com/kb/HT5501
www-01.ibm.com/support/docview.wss?uid=isg1IV11106
www.debian.org/security/2011/dsa-2347
www.ibm.com/support/docview.wss?uid=isg1IV11248
www.isc.org/software/bind/advisories/cve-2011-4313
www.kb.cert.org/vuls/id/606539
www.mandriva.com/security/advisories?name=MDVSA-2011:176
www.redhat.com/support/errata/RHSA-2011-1458.html
www.redhat.com/support/errata/RHSA-2011-1459.html
www.redhat.com/support/errata/RHSA-2011-1496.html
www.securityfocus.com/bid/50690
www.securitytracker.com/id?1026335
www.ubuntu.com/usn/USN-1264-1
access.redhat.com/errata/RHSA-2011:1458
access.redhat.com/security/updates/classification/#important
exchange.xforce.ibmcloud.com/vulnerabilities/71332
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14343
www.isc.org/software/bind/advisories/cve-2011-4313
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P