Description
Security update for bind
This update fixes a DoS vulnerability in bind when handling malformed NSEC3-signed zones. CVE-2014-0591 has been assigned to this issue.
Security Issue references:
Package list
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP1-TERADATA
References
- Link for SUSE-SU-2015:0480-1
- E-Mail link for SUSE-SU-2015:0480-1
- SUSE Security Ratings
- SUSE Bug 684163
- SUSE Bug 696585
- SUSE Bug 703907
- SUSE Bug 715180
- SUSE Bug 718441
- SUSE Bug 727495
- SUSE Bug 730995
- SUSE Bug 743758
- SUSE Bug 765315
- SUSE Bug 772945
- SUSE Bug 780157
- SUSE Bug 784602
- SUSE Bug 796112
- SUSE Bug 858639
- SUSE Bug 908994
- SUSE CVE CVE-2011-1910 page
- SUSE CVE CVE-2011-2464 page
Description
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
Affected products
References
- CVE-2011-1910
- SUSE Bug 696585
- SUSE Bug 698286
Description
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
Affected products
References
- CVE-2011-2464
- SUSE Bug 703907
Description
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Affected products
References
- CVE-2011-4313
- SUSE Bug 730995
- SUSE Bug 738156
Description
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
Affected products
References
- CVE-2012-1667
- SUSE Bug 765315
- SUSE Bug 792926
Description
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
Affected products
References
- CVE-2012-3817
- SUSE Bug 772945
- SUSE Bug 792926
- SUSE Bug 986950
Description
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
Affected products
References
- CVE-2012-4244
- SUSE Bug 780157
- SUSE Bug 792926
Description
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
Affected products
References
- CVE-2012-5166
- SUSE Bug 784602
- SUSE Bug 792926
Description
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
Affected products
References
- CVE-2014-0591
- SUSE Bug 858639
Description
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
Affected products
References
- CVE-2014-8500
- SUSE Bug 908994
- SUSE Bug 986950