Gentoo Linux: CVE-2015-4620: BIND: Denial of Service
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | July 08, 2015 | October 30, 2017 | October 30, 2017 |
Description
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
Solution
gentoo-linux-upgrade-net-dns-bindRelated Vulnerabilities
- Alpine Linux: CVE-2015-4620: bind DNS query issues
- DSA-3304-1 bind9 -- security update
- F5 Networks: K16912 (CVE-2015-4620): BIND vulnerability CVE-2015-4620
- HP-UX: CVE-2015-4620: Running BIND, Remote Denial of Service (DoS)
- FreeBSD: bind -- denial of service vulnerability (FreeBSD-SA-15:11.bind) (CVE-2015-4620)
- USN-2669-1: Bind vulnerability
- ELSA-2015-1471 Important: Oracle Linux bind security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- ISC BIND: Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating (CVE-2015-4620)
- RHSA-2015:1443: bind security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 4
- Amazon Linux AMI: Security patch for bind (ALAS-2015-566) (CVE-2015-4620)
- RHSA-2015:1471: bind security update
- SUSE: CVE-2015-4620: SUSE Linux Security Advisory
- ELSA-2015-1443 Important: Oracle Linux bind security update