RHSA-2012:1266: bind97 security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | September 14, 2012 | September 17, 2012 | July 04, 2017 |
Description
The Berkeley Internet Name Domain (BIND) is an implementation of the DomainName System (DNS) protocols. BIND includes a DNS server (named); a resolverlibrary (routines for applications to use when interfacing with DNS); andtools for verifying that the DNS server is operating correctly.A flaw was found in the way BIND handled resource records with a largeRDATA value. A malicious owner of a DNS domain could use this flaw tocreate specially-crafted DNS resource records, that would cause a recursiveresolver or secondary server to exit unexpectedly with an assertionfailure. (CVE-2012-4244)Users of bind97 are advised to upgrade to these updated packages, whichcorrect this issue. After installing the update, the BIND daemon (named)will be restarted automatically.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
Solution
redhat-upgrade-bind97Related Vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2012-4244
- ELSA-2012-1365 Important: Oracle Linux bind security update
- HP-UX: CVE-2012-4244: Running BIND, Remote Denial of Service (DoS), Authentication Bypass
- ELSA-2013-0550 Moderate: Oracle Linux bind security and enhancement update
- VMSA-2013-0001: Update to ESX service console bind packages (CVE-2012-4244)
- RHSA-2012:1268: bind security update
- OS X update for Bind (CVE-2012-4244)
- ELSA-2012-1266 Important: Oracle Linux bind97 security update
- DSA-2547-1 bind9 -- improper assert
- USN-1566-1: Bind vulnerability
- RHSA-2012:1365: bind security update
- ELSA-2012-1267 Important: Oracle Linux bind security and bug fix update
- Sun Patch: SunOS 5.10: BIND patch
- ELSA-2012-1268 Important: Oracle Linux bind security update
- Sun Patch: SunOS 5.9: in.dhcpd libresolv and BIND9 patch
- Oracle Solaris 11: CVE-2012-4244: Vulnerability in BIND
- Sun Patch: SunOS 5.10_x86: BIND patch
- Gentoo Linux: CVE-2012-4244: BIND: Multiple vulnerabilities
- ISC BIND: A specially crafted Resource Record could cause named to terminate (CVE-2012-4244)
- FreeBSD: FreeBSD -- Multiple Denial of Service vulnerabilities with named(8) (FreeBSD-SA-12:06.bind) (Multiple CVEs)
- ELSA-2014-1984 Important: Oracle Linux bind security update
- Alpine Linux: CVE-2012-4244: Vulnerability in bind 9.7.x, 9.8.x, 9.9.1 allow remote denial of service
- Amazon Linux AMI: Security patch for bind (ALAS-2012-124) (CVE-2012-4244)
- Sun Patch: SunOS 5.9_x86: in.dhcpd libresolv and BIND9 patch
- OS X update for Apache (CVE-2012-4244)
- RHSA-2012:1267: bind security and bug fix update