OS X update for Bind (CVE-2012-5688)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | December 06, 2012 | September 17, 2013 | April 05, 2017 |
Description
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
Solution
apple-osx-security-update-2013-004Related Vulnerabilities
- OS X update for Apache (CVE-2012-5688)
- ELSA-2013-0550 Moderate: Oracle Linux bind security and enhancement update
- USN-1657-1: Bind vulnerability
- Gentoo Linux: CVE-2012-5688: BIND: Denial of Service
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- SUSE Linux Security Vulnerability: CVE-2012-5688
- RHSA-2012:1549: bind security update
- FreeBSD: dns/bind9* -- servers using DNS64 can be crashed by a crafted query (CVE-2012-5688)
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 4
- ELSA-2012-1549 Important: Oracle Linux bind security update
- ISC BIND: BIND 9 servers using DNS64 can be crashed by a crafted query (CVE-2012-5688)
- FreeBSD: FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query (FreeBSD-SA-13:01.bind) (CVE-2012-5688)
- Amazon Linux AMI: Security patch for bind (ALAS-2012-146) (CVE-2012-5688)