Download
| Alert*
oval:org.secpod.oval:def:51895
bind9: Internet Domain Name Server Details: USN-3346-1 fixed vulnerabilities in Bind. The fix for CVE-2017-3142 introduced a regression in the ability to receive an AXFR or IXFR in the case where TSIG is used and not every message is signed. This update fixes the problem. In addition, this update ad ... oval:org.secpod.oval:def:201557 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to ca ... oval:org.secpod.oval:def:201652 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to ca ... oval:org.secpod.oval:def:1801550 CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone transfers Affected versions:¶ 9.4.0- oval:org.secpod.oval:def:1801551 CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone transfers Affected versions:¶ 9.4.0- oval:org.secpod.oval:def:1801527 CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone transfers Affected versions:¶ 9.4.0- oval:org.secpod.oval:def:204212 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker coul ... oval:org.secpod.oval:def:1600272 A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones . If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default oval:org.secpod.oval:def:203592 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker coul ... oval:org.secpod.oval:def:1500064 Updated bind packages that fix one security issue and add one enhancementare now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rati ... oval:org.secpod.oval:def:204537 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A flaw was found in the way BIND handled TSIG authentication for dynamic ... oval:org.secpod.oval:def:1500927 named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor manage ... oval:org.secpod.oval:def:1500935 named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor manage ... oval:org.secpod.oval:def:203665 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make B ... oval:org.secpod.oval:def:1600999 To provide fine-grained controls over the ability to use Dynamic DNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update reques ... oval:org.secpod.oval:def:603017 The security update announced as DSA-3904-1 in bind9 introduced a regression. The fix for CVE-2017-3142 broke verification of TSIG signed TCP message sequences where not all the messages contain TSIG records. This is conform to the spec and may be used in AXFR and IXFR response. oval:org.secpod.oval:def:112582 BIND is an implementation of the DNS protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. oval:org.secpod.oval:def:112572 DHCP oval:org.secpod.oval:def:112608 This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf and resperf man pages. oval:org.secpod.oval:def:112597 This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. oval:org.secpod.oval:def:112594 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:112567 This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. oval:org.secpod.oval:def:112568 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:112564 This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf and resperf man pages. oval:org.secpod.oval:def:202584 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. DNS64 is used to automatically generate DNS records so IPv6 based clients can access IPv ... oval:org.secpod.oval:def:203570 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker coul ... oval:org.secpod.oval:def:204536 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A flaw was found in the way BIND handled TSIG authentication for dynamic ... oval:org.secpod.oval:def:204235 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make B ... oval:org.secpod.oval:def:1700158 To provide fine-grained controls over the ability to use Dynamic DNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update reques ... oval:org.secpod.oval:def:111224 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1600285 A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash oval:org.secpod.oval:def:1600288 A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query oval:org.secpod.oval:def:105776 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:108477 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:501090 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to sen ... oval:org.secpod.oval:def:202653 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use th ... oval:org.secpod.oval:def:500856 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. An uninitialized data structure use flaw was found in BIND when DNSSEC validation was en ... oval:org.secpod.oval:def:108265 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1500228 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ... oval:org.secpod.oval:def:501034 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use th ... oval:org.secpod.oval:def:202923 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to sen ... oval:org.secpod.oval:def:108096 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:202409 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. An uninitialized data structure use flaw was found in BIND when DNSSEC validation was en ... oval:org.secpod.oval:def:202408 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. An uninitialized data structure use flaw was found in BIND when DNSSEC validation was en ... oval:org.secpod.oval:def:500906 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled certain combinations of resource records. A rem ... oval:org.secpod.oval:def:1600084 A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash oval:org.secpod.oval:def:202471 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled certain combinations of resource records. A rem ... oval:org.secpod.oval:def:202352 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious ... oval:org.secpod.oval:def:202351 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious ... oval:org.secpod.oval:def:202472 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled certain combinations of resource records. A rem ... oval:org.secpod.oval:def:1500361 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:106308 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:106307 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:501177 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zone ... oval:org.secpod.oval:def:500888 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A ma ... oval:org.secpod.oval:def:1500137 Updated bind packages that fix one security issue and one bug are nowavailable for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ... oval:org.secpod.oval:def:500807 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious ... oval:org.secpod.oval:def:500890 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A ma ... oval:org.secpod.oval:def:500021 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to ca ... oval:org.secpod.oval:def:203014 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zone ... oval:org.secpod.oval:def:202446 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A ma ... oval:org.secpod.oval:def:202447 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A ma ... oval:org.secpod.oval:def:1200018 A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon to crash under certain conditions. oval:org.secpod.oval:def:204170 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ... oval:org.secpod.oval:def:111891 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1501095 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIN ... oval:org.secpod.oval:def:501001 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. DNS64 is used to automatically generate DNS records so IPv6 based clients can access IPv ... oval:org.secpod.oval:def:109841 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1800295 During processing of a recursive response that contains a DNAME record in the answer section, BIND can stop execution after encountering an assertion error in resolver.c failed"(error message: "REQUIRE0(0 oval:org.secpod.oval:def:1200012 A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. oval:org.secpod.oval:def:501537 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker coul ... oval:org.secpod.oval:def:1800858 CVE-2016-1285: An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c. Versions affected: 9.2.0 - oval:org.secpod.oval:def:204033 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ... oval:org.secpod.oval:def:204032 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ... oval:org.secpod.oval:def:1501277 A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server t ... oval:org.secpod.oval:def:1501398 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME reco ... oval:org.secpod.oval:def:1501399 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME reco ... oval:org.secpod.oval:def:1800922 CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion. A malformed query response received by a recursive server in response to a query of RTYPE ANY could trigger an assertion failure while named is attempting to add the RRs in the query response to the ... oval:org.secpod.oval:def:1501282 A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server t ... oval:org.secpod.oval:def:204026 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled packets with ... oval:org.secpod.oval:def:1501280 A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server t ... oval:org.secpod.oval:def:204027 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled packets with ... oval:org.secpod.oval:def:400651 This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: * CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. * CVE-2016-1286: An error when parsing signature ... oval:org.secpod.oval:def:501600 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make B ... oval:org.secpod.oval:def:111606 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1600353 A defect in control channel input handling was discovered which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named"s control channel. If control channel input is accepted from the network , an unauthenticated attacker could cause named ... oval:org.secpod.oval:def:203794 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malfor ... oval:org.secpod.oval:def:203793 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malfor ... oval:org.secpod.oval:def:203792 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malfor ... oval:org.secpod.oval:def:501733 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malfor ... oval:org.secpod.oval:def:501735 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malfor ... oval:org.secpod.oval:def:108467 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:109951 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1500814 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ... oval:org.secpod.oval:def:111635 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:204079 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND processed a response ... oval:org.secpod.oval:def:1200160 An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible ... oval:org.secpod.oval:def:109391 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1501076 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIN ... oval:org.secpod.oval:def:109304 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:501596 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make B ... oval:org.secpod.oval:def:400619 This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: * CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. * CVE-2016-1286: An error when parsing signature ... oval:org.secpod.oval:def:1501400 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME reco ... oval:org.secpod.oval:def:109301 BIND is an implementation of the DNS protocols. BIND includes a DNS server , which resolves host names to IP addresses; a resolver library ; and tools for verifying that the DNS server is operating properly. oval:org.secpod.oval:def:1800578 If the lightweight resolver is asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length, the server can terminate due to an error. Fixed In Version bind 9.9.9-P2, bind 9.10.4-P2, bind 9.11.0b2, bind 9.9.9-S3 oval:org.secpod.oval:def:1600450 It was found that the lightweight resolver could crash due to an error when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or named when using the "lwres" statement in named.conf ... oval:org.secpod.oval:def:1800392 If the lightweight resolver is asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length, the server can terminate due to an error. Fixed In Version: bind 9.9.9-P2, bind 9.10.4-P2, bind 9.11.0b2, bind 9.9.9-S3 oval:org.secpod.oval:def:1800509 CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion; A malformed query response received by a recursive server in response to a query of RTYPE ANY could trigger an assertion failure while named is attempting to add the RRs in the query response to the ... oval:org.secpod.oval:def:501964 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND processed a response ... oval:org.secpod.oval:def:1501739 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1800416 CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion A malformed query response received by a recursive server in response to a query of RTYPE ANY could trigger an assertion failure while named is attempting to add the RRs in the query response to the c ... oval:org.secpod.oval:def:501925 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ... oval:org.secpod.oval:def:501929 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ... oval:org.secpod.oval:def:1600475 A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. oval:org.secpod.oval:def:1501588 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND constructed a response ... oval:org.secpod.oval:def:1501585 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND constructed a response ... oval:org.secpod.oval:def:1501586 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND constructed a response ... oval:org.secpod.oval:def:1501624 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses conta ... oval:org.secpod.oval:def:1501625 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses conta ... oval:org.secpod.oval:def:1501629 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ... oval:org.secpod.oval:def:1501925 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501926 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502063 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A flaw was found in the way BIND handled TSIG authentication for dynamic ... oval:org.secpod.oval:def:502065 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A flaw was found in the way BIND handled TSIG authentication for dynamic ... oval:org.secpod.oval:def:1600736 Security Fix: A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG signature for a dynamic update request. A f ... oval:org.secpod.oval:def:51835 bind9: Internet Domain Name Server Bind could be made to serve incorrect information or expose sensitive information over the network. oval:org.secpod.oval:def:703804 bind9: Internet Domain Name Server Details: USN-3346-1 fixed vulnerabilities in Bind. The fix for CVE-2017-3142 introduced a regression in the ability to receive an AXFR or IXFR in the case where TSIG is used and not every message is signed. This update fixes the problem. In addition, this update ad ... oval:org.secpod.oval:def:112944 BIND is an implementation of the DNS protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. oval:org.secpod.oval:def:112943 DHCP oval:org.secpod.oval:def:703685 bind9: Internet Domain Name Server Bind could be made to serve incorrect information or expose sensitive information over the network. |