Download
| Alert*
oval:org.secpod.oval:def:1800056
CVE-2017-3136: An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"; Affected versions: 9.8.0 - oval:org.secpod.oval:def:89044649 This update for bind fixes the following issues: CVE-2017-3137 : Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion. CVE-2017-31 ... oval:org.secpod.oval:def:89044891 This update for bind fixes the following issues: - A regression in the fix for CVE-2017-3137 caused an assert in name.c oval:org.secpod.oval:def:204479 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled a query respo ... oval:org.secpod.oval:def:89044539 This update for bind fixes the following security issues: CVE-2017-3137 : Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion. CV ... oval:org.secpod.oval:def:2101613 BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9 ... oval:org.secpod.oval:def:204485 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled a query respo ... oval:org.secpod.oval:def:40152 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:1501847 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1800301 CVE-2017-3136: An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;". Affected versions: 9.8.0 - oval:org.secpod.oval:def:112336 BIND is an implementation of the DNS protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. oval:org.secpod.oval:def:112299 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:502021 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled a query respo ... oval:org.secpod.oval:def:502024 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled a query respo ... oval:org.secpod.oval:def:705830 bind9: Internet Domain Name Server Several security issues were fixed in Bind. oval:org.secpod.oval:def:602877 Several vulnerabilities were discovered in BIND, a DNS server implementation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-3136 Oleg Gorokhov of Yandex discovered that BIND does not properly handle certain queries when using DNS64 with the "break- ... oval:org.secpod.oval:def:1800322 CVE-2017-3136: An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" Affected versions 9.8.0 - oval:org.secpod.oval:def:1600693 A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. A denial of service flaw w ... oval:org.secpod.oval:def:112276 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:112277 BIND is an implementation of the DNS protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. oval:org.secpod.oval:def:51522 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:1501840 The advisory is missing the security advisory description. For more information please visit the reference link |