RHSA-2009:1179-02 -- Redhat bind
|ID: oval:org.secpod.oval:def:500547||Date: (C)2012-01-31 (M)2017-10-04|
|Class: PATCH||Family: unix|
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the "ANY" record type. A remote attacker could use this flaw to send a specially-crafted dynamic update packet that could cause named to exit with an assertion failure. Note: even if named is not configured for dynamic updates, receiving such a specially-crafted dynamic update packet could still cause named to exit unexpectedly. All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon will be restarted automatically.
|Red Hat Enterprise Linux 5|