vulnerability

RHSA-2016:0073: bind security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:N/I:N/A:C)	Jan 20, 2016	Jan 29, 2016	Oct 30, 2017

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:C)

Published

Jan 20, 2016

Added

Jan 29, 2016

Modified

Oct 30, 2017

Description

The Berkeley Internet Name Domain (BIND) is an implementation of the DomainName System (DNS) protocols. BIND includes a DNS server (named); a resolverlibrary (routines for applications to use when interfacing with DNS); andtools for verifying that the DNS server is operating correctly.A denial of service flaw was found in the way BIND processed certainmalformed Address Prefix List (APL) records. A remote, authenticatedattacker could use this flaw to cause named to crash. (CVE-2015-8704)Red Hat would like to thank ISC for reporting this issue.All bind users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing theupdate, the BIND daemon (named) will be restarted automatically.

Solutions

redhat-upgrade-bindredhat-upgrade-bind-chrootredhat-upgrade-bind-debuginforedhat-upgrade-bind-develredhat-upgrade-bind-libbind-develredhat-upgrade-bind-libsredhat-upgrade-bind-libs-literedhat-upgrade-bind-licenseredhat-upgrade-bind-lite-develredhat-upgrade-bind-pkcs11redhat-upgrade-bind-pkcs11-develredhat-upgrade-bind-pkcs11-libsredhat-upgrade-bind-pkcs11-utilsredhat-upgrade-bind-sdbredhat-upgrade-bind-sdb-chrootredhat-upgrade-bind-utilsredhat-upgrade-caching-nameserver

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today