From 1ade73c742db40483d74225c11bf7aac858e491f Mon Sep 17 00:00:00 2001 From: Doug Barton Date: Wed, 16 Nov 2011 23:59:34 +0000 Subject: Add an entry for the BIND DOS vulnerability announced today Feature safe: yes --- security/vuxml/vuln.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 668db0c9106d..3471decb855e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,51 @@ Note: Please add new entries to the beginning of this file. --> + + BIND -- Remote DOS + + + bind96 + 9.6.3.1.ESV.R5.1 + + + bind97 + 9.7.4.1 + + + bind98 + 9.8.1.1 + + + + +

The Internet Systems Consortium reports:

+
Organizations across the Internet reported crashes interrupting service + on BIND 9 nameservers performing recursive queries. Affected servers + crashed after logging an error in query.c with the following message: + "INSIST(! dns_rdataset_isassociated(sigrdataset))" + Multiple versions were reported being affected, including all + currently supported release versions of ISC BIND 9.
+
Because it may be possible to trigger this bug even on networks + that do not allow untrusted users to access the recursive name + servers (perhaps via specially crafted e-mail messages, and/or + malicious web sites) it is recommended that ALL operators of + recursive name servers upgrade immediately.
+

+ + + + CVE-2011-4313 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313 + https://www.isc.org/software/bind/advisories/cve-2011-tbd + + + 2011-11-16 + 2011-11-16 + + + Apache 1.3 -- mod_proxy reverse proxy exposure -- cgit v1.2.3