Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:2399-1

Опубликовано: 27 сент. 2016
Источник: suse-cvrf

Описание

Security update for bind

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1
bind-libs-9.9.9P1-46.1
bind-libs-32bit-9.9.9P1-46.1
bind-utils-9.9.9P1-46.1
SUSE Linux Enterprise Server 12 SP1
bind-9.9.9P1-46.1
bind-chrootenv-9.9.9P1-46.1
bind-doc-9.9.9P1-46.1
bind-libs-9.9.9P1-46.1
bind-libs-32bit-9.9.9P1-46.1
bind-utils-9.9.9P1-46.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
bind-9.9.9P1-46.1
bind-chrootenv-9.9.9P1-46.1
bind-doc-9.9.9P1-46.1
bind-libs-9.9.9P1-46.1
bind-libs-32bit-9.9.9P1-46.1
bind-utils-9.9.9P1-46.1
SUSE Linux Enterprise Software Development Kit 12 SP1
bind-devel-9.9.9P1-46.1

Ссылки

Описание

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-32bit-9.9.9P1-46.1
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-9.9.9P1-46.1
SUSE Linux Enterprise Desktop 12 SP1:bind-utils-9.9.9P1-46.1
SUSE Linux Enterprise Server 12 SP1:bind-9.9.9P1-46.1
Ссылки
Уязвимость SUSE-SU-2016:2399-1