author: Doug Barton <dougb@FreeBSD.org> 2011-11-16 23:59:34 +0000
committer: Doug Barton <dougb@FreeBSD.org> 2011-11-16 23:59:34 +0000
commit: 1ade73c742db40483d74225c11bf7aac858e491f
tree: 94de735cbd9a4f17c1040f9d3cf5cf9835837f39 /security
parent: 9448185af69743d80f11b115fe09af8987513f92
Add an entry for the BIND DOS vulnerability announced today
Feature safe: yes
Notes: svn path=/head/; revision=285939
Diffstat (limited to 'security')
-rw-r--r-- security/vuxml/vuln.xml 45
1 files changed, 45 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 668db0c9106d..3471decb855e 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,51 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="90cc1494-10ac-11e1-b3ec-0024e830109b">
+ <topic> BIND -- Remote DOS</topic>
+ <affects>
+ <package>
+ <name>bind96</name>
+ <range><lt>9.6.3.1.ESV.R5.1</lt></range>
+ </package>
+ <package>
+ <name>bind97</name>
+ <range><lt>9.7.4.1</lt></range>
+ </package>
+ <package>
+ <name>bind98</name>
+ <range><lt>9.8.1.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The Internet Systems Consortium reports:</p>
+ <blockquote cite="https://www.isc.org/software/bind/advisories/cve-2011-tbd">
+ <p>Organizations across the Internet reported crashes interrupting service
+ on BIND 9 nameservers performing recursive queries. Affected servers
+ crashed after logging an error in query.c with the following message:
+ &quot;INSIST(! dns_rdataset_isassociated(sigrdataset))&quot;
+ Multiple versions were reported being affected, including all
+ currently supported release versions of ISC BIND 9.</p>
+ <p>Because it may be possible to trigger this bug even on networks
+ that do not allow untrusted users to access the recursive name
+ servers (perhaps via specially crafted e-mail messages, and/or
+ malicious web sites) it is recommended that ALL operators of
+ recursive name servers upgrade immediately.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2011-4313</cvename>
+ <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313</url>
+ <url>https://www.isc.org/software/bind/advisories/cve-2011-tbd</url>
+ </references>
+ <dates>
+ <discovery>2011-11-16</discovery>
+ <entry>2011-11-16</entry>
+ </dates>
+ </vuln>
+
<vuln vid="d8c901ff-0f0f-11e1-902b-20cf30e32f6d">
<topic>Apache 1.3 -- mod_proxy reverse proxy exposure</topic>
<affects>
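Review bot: The advisory link still ends in the placeholder `cve-2011-tbd`, both in the `<blockquote cite=...>` attribute and in the second `<url>` under `<references>`, even though the entry already carries `<cvename>CVE-2011-4313</cvename>`. If ISC moves the advisory to a permanent address, both occurrences will go stale together, so a follow-up commit should update them as a pair once the final URL is known. As a style point, `<topic> BIND -- Remote DOS</topic>` has a leading space inside the element that the neighbouring Apache 1.3 entry does not; dropping it keeps generated listings aligned.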