RHSA-2009:1179-02 -- Redhat bindID: oval:org.secpod.oval:def:500547 | Date: (C)2012-01-31 (M)2021-09-12 |
Class: PATCH | Family: unix |
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the "ANY" record type. A remote attacker could use this flaw to send a specially-crafted dynamic update packet that could cause named to exit with an assertion failure. Note: even if named is not configured for dynamic updates, receiving such a specially-crafted dynamic update packet could still cause named to exit unexpectedly. All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon will be restarted automatically.
Platform: |
Red Hat Enterprise Linux 5 |