what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2011-4313

Status Candidate

Overview

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.

Related Files

HP Security Bulletin HPSBOV03226 2
Posted Jan 30, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2006-4096, CVE-2007-2926, CVE-2008-1447, CVE-2009-0025, CVE-2011-4313, CVE-2012-4244
SHA-256 | 4935d3f1fb7ea8e8542d5095cd4cb2b982b905b4752fdda66d72da48b1f6e88d
HP Security Bulletin HPSBOV03226 1
Posted Dec 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03226 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2006-4096, CVE-2007-2926, CVE-2008-1447, CVE-2009-0025, CVE-2011-4313, CVE-2012-4244
SHA-256 | 1857a5c488eb234718c79babaf33fe34e2dcf8b047d172d2c3860ec769591b8e
Apple Security Advisory 2012-09-19-2
Posted Sep 22, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-19-2 - OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address Apache, BIND, CoreText, Data Security, and many other vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-3026, CVE-2011-3048, CVE-2011-3368, CVE-2011-3389, CVE-2011-3607, CVE-2011-4313, CVE-2011-4317, CVE-2011-4599, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0643, CVE-2012-0650, CVE-2012-0652, CVE-2012-0668, CVE-2012-0670, CVE-2012-0671, CVE-2012-0831, CVE-2012-1172, CVE-2012-1173, CVE-2012-1667, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2386, CVE-2012-2688, CVE-2012-3716, CVE-2012-3718
SHA-256 | 40b0db811b217e85fb6806b53d13edb126d8f6537576e1fb80a6d9e6c2266a62
HP Security Bulletin HPSBOV02774 SSRT100684
Posted Jun 16, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02774 SSRT100684 - A potential security vulnerability has been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. The vulnerability could be remotely exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, tcp
advisories | CVE-2011-4313
SHA-256 | 8adc37f9db1af13d8fc57633ecaabf28947d250d5d7f0841ff327db56172396b
Gentoo Linux Security Advisory 201206-01
Posted Jun 3, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-1 - Multiple vulnerabilities have been found in BIND, the worst of which allowing to cause remote Denial of Service. Versions less than 9.7.4_p1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-3613, CVE-2010-3614, CVE-2010-3615, CVE-2010-3762, CVE-2011-0414, CVE-2011-1910, CVE-2011-2464, CVE-2011-2465, CVE-2011-4313
SHA-256 | cb5c547e8c208931dc81261447f257bec2b215414a6d99687b7c8512bca1a997
HP Security Bulletin HPSBUX02729 SSRT100687 3
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02729 SSRT100687 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-4313
SHA-256 | 0f390da79dca7121a928ccac203062c88e4b9d40c3e900178619534800c5aa2d
FreeBSD Security Advisory - named Denial Of Service
Posted Dec 27, 2011
Site security.freebsd.org

FreeBSD Security Advisory - A remote attacker could cause the BIND resolver to cache an invalid record, which could cause the BIND daemon to crash when that record is being queried.

tags | advisory, remote
systems | freebsd
advisories | CVE-2011-4313
SHA-256 | 913e895f321d484a5440d6ec9ea44d1a471f516fda6b68d698117be493718a87
HP Security Bulletin HPSBUX02729 SSRT100687 2
Posted Dec 16, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02729 SSRT100687 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-4313
SHA-256 | 65bd880eb5bb3c787442b8c98e6a18d1ad131a8508eb0a48d51169dad7d5d054
Red Hat Security Advisory 2011-1496-01
Posted Nov 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1496-01 - A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-4313
SHA-256 | 01c14c945ffcae4533481835e75743d048c84069db1e3acf5a44f0949b46b159
Mandriva Linux Security Advisory 2011-176-2
Posted Nov 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-176 - A vulnerability was discovered and corrected in bind. Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory had wrong release numbers effectively preventing installation without excessive force due previous packaging mistakes. This advisory provides corrected packages to address the problem.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-4313
SHA-256 | ccd137aa0b24aef21172472dc46e7a951f9dd172c796924eb97f853d35de3735
Red Hat Security Advisory 2011-1459-01
Posted Nov 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1459-01 - Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-4313
SHA-256 | e468d1c0fe8f1b1825afe625add5bc7e03909cb44c5e165d121c828409c3447f
Mandriva Linux Security Advisory 2011-176-1
Posted Nov 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-176 - A vulnerability was discovered and corrected in bind. Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 advisory had a faulty release number effectively preventing installation without excessive force due to a previous packaging mistake. This advisory provides corrected packages to address the problem.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-4313
SHA-256 | 197ccaed81762b5688aa08d8c25598393a3c9ed56dc71e6aabe506eccc2b58e4
Red Hat Security Advisory 2011-1458
Posted Nov 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1458 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server, a resolver library, and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2011-4313
SHA-256 | 109068cfe1698152b9d3437fe8f154aa67bc2754de44075ab1266cbef01eb284
Ubuntu Security Notice USN-1264-1
Posted Nov 17, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1264-1 - It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-4313
SHA-256 | 5b3036197efa4d350f9371059d42694a829151802d7840a2a661f4b8dc2988e4
Debian Security Advisory 2347-1
Posted Nov 17, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2347-1 - It was discovered that BIND, a DNS server, crashes while processing certain sequences of recursive DNS queries, leading to a denial of service. Authoritative-only server configurations are not affected by this issue.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-4313
SHA-256 | c7792c9286029e0385042cfccf0f8afdb317c3dca089b50146e8b913bc8e48f7
Mandriva Linux Security Advisory 2011-176
Posted Nov 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-176 - A vulnerability was discovered and corrected in bind. A cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-4313
SHA-256 | fb80d35154c4a65d74dd4625a4d800d7ebb54b9e496cc615bab0fa89b767ef9a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close