MDVSA-2012:089 -- Mandriva bindID: oval:org.secpod.oval:def:302907 | Date: (C)2012-11-07 (M)2021-06-02 |
Class: PATCH | Family: unix |
A vulnerability was discovered and corrected in bind: ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service or obtain sensitive information from process memory via a crafted record . The updated packages have been upgraded to bind 9.7.6-P1 and 9.8.3-P1 which is not vulnerable to this issue.
Platform: |
Mandriva Linux 2011.0 |
Mandriva Linux 2010.1 |