Download
| Alert*
oval:org.secpod.oval:def:89044649
This update for bind fixes the following issues: CVE-2017-3137 : Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion. CVE-2017-31 ... oval:org.secpod.oval:def:89044539 This update for bind fixes the following security issues: CVE-2017-3137 : Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion. CV ... oval:org.secpod.oval:def:111198 DHCP oval:org.secpod.oval:def:111186 BIND is an implementation of the DNS protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. oval:org.secpod.oval:def:111136 BIND is an implementation of the DNS protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. oval:org.secpod.oval:def:111143 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:111224 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1800392 If the lightweight resolver is asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length, the server can terminate due to an error. Fixed In Version: bind 9.9.9-P2, bind 9.10.4-P2, bind 9.11.0b2, bind 9.9.9-S3 oval:org.secpod.oval:def:1800578 If the lightweight resolver is asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length, the server can terminate due to an error. Fixed In Version bind 9.9.9-P2, bind 9.10.4-P2, bind 9.11.0b2, bind 9.9.9-S3 oval:org.secpod.oval:def:1600450 It was found that the lightweight resolver could crash due to an error when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or named when using the "lwres" statement in named.conf ... oval:org.secpod.oval:def:1901519 ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service via a long request that uses the lightweight resolver protocol. oval:org.secpod.oval:def:602629 Two vulnerabilities were reported in BIND, a DNS server. CVE-2016-2775 The lwresd component in BIND could crash while processing an overlong request name. This could lead to a denial of service. CVE-2016-2776 A crafted query could crash the BIND name server daemon, leading to a denial of service. A ... oval:org.secpod.oval:def:1100510 The remote host is missing a patch containing a security fix, which affects the following packages: bos.net.tcp.client. For more information please visit vendor advisory link. |