ID CVE-2011-2464
Summary Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
References
Vulnerable Configurations
  • cpe:2.3:a:isc:bind:9.6
    cpe:2.3:a:isc:bind:9.6
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.1 P1
    cpe:2.3:a:isc:bind:9.6.1:p1
  • ISC BIND 9.6.1 P2
    cpe:2.3:a:isc:bind:9.6.1:p2
  • ISC BIND 9.6.1 P3
    cpe:2.3:a:isc:bind:9.6.1:p3
  • ISC BIND 9.6.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.1:rc1
  • ISC BIND 9.6.2
    cpe:2.3:a:isc:bind:9.6.2
  • ISC BIND 9.6.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.2:rc1
  • ISC BIND 9.6.3
    cpe:2.3:a:isc:bind:9.6.3
  • ISC BIND 9.6.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.3:rc1
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • cpe:2.3:a:isc:bind:9.7.2b1
    cpe:2.3:a:isc:bind:9.7.2b1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.8.0
    cpe:2.3:a:isc:bind:9.8.0
  • ISC BIND 9.8.0 A1
    cpe:2.3:a:isc:bind:9.8.0:a1
  • ISC BIND 9.8.0 B1
    cpe:2.3:a:isc:bind:9.8.0:b1
  • ISC BIND 9.8.0 P1
    cpe:2.3:a:isc:bind:9.8.0:p1
  • ISC BIND 9.8.0 P2
    cpe:2.3:a:isc:bind:9.8.0:p2
  • ISC BIND 9.8.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.0:rc1
  • ISC BIND 9.8.1 B1
    cpe:2.3:a:isc:bind:9.8.1:b1
CVSS
Base: 5.0 (as of 11-07-2011 - 08:15)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0926.NASL
    description Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464) Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 55539
    published 2011-07-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55539
    title RHEL 5 / 6 : bind (RHSA-2011:0926)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110707_BIND_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464) After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61080
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61080
    title Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL12986.NASL
    description Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a Denial of Service (DoS) (named daemon crash) by way of a crafted UPDATE request.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78130
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78130
    title F5 Networks BIG-IP : BIND vulnerability (SOL12986)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_FD64188DA71D11E089B4001EC9578670.NASL
    description ISC reports : A defect in the affected BIND 9 versions allows an attacker to remotely cause the 'named' process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 55518
    published 2011-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55518
    title FreeBSD : BIND -- Remote DoS against authoritative and recursive servers (fd64188d-a71d-11e0-89b4-001ec9578670)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-0926.NASL
    description Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464) Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 55536
    published 2011-07-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55536
    title CentOS 5 : bind97 (CESA-2011:0926)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2011-224-01.NASL
    description New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 55834
    published 2011-08-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55834
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2011-224-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-9146.NASL
    description Update to the 9.8.0-P4 security release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55562
    published 2011-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55562
    title Fedora 15 : bind-9.8.0-7.P4.fc15 (2011-9146)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_42727.NASL
    description s700_800 11.23 BIND 9.2.0 Revision 5.0 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBUX02729 SSRT100687) - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBUX02719 SSRT100658)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 56840
    published 2012-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56840
    title HP-UX PHNE_42727 : s700_800 11.23 BIND 9.2.0 Revision 5.0
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-110706.NASL
    description A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers (recursive as well as authoritative) to exit.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 55547
    published 2011-07-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55547
    title SuSE 11.1 Security Update : bind (SAT Patch Number 4846)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_7_2.NASL
    description The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreMedia - CoreProcesses - CoreStorage - File Systems - iChat Server - Kernel - libsecurity - Open Directory - PHP - python - QuickTime - SMB File Server - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 56480
    published 2011-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56480
    title Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201206-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201206-01 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : The vulnerabilities allow remote attackers to cause a Denial of Service (daemon crash) via a DNS query, to bypass intended access restrictions, to incorrectly cache a ncache entry and a rrsig for the same type and to incorrectly mark zone data as insecure. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 59629
    published 2012-06-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59629
    title GLSA-201206-01 : BIND: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-9127.NASL
    description This update fixes CVE-2011-2464. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55657
    published 2011-07-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55657
    title Fedora 14 : bind-9.7.4-0.3.b1.fc14 (2011-9127)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-115.NASL
    description A vulnerability was discovered and corrected in bind : Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request (CVE-2011-2464). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149 products_id=490 The updated packages have been upgraded to bind 9.7.3-P3 which is not vulnerable to this issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 55634
    published 2011-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55634
    title Mandriva Linux Security Advisory : bind (MDVSA-2011:115)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2272.NASL
    description It was discovered that BIND, a DNS server, does not correctly process certain UPDATE requests, resulting in a server crash and a denial of service. This vulnerability affects BIND installations even if they do not actually use dynamic DNS updates.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 55516
    published 2011-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55516
    title Debian DSA-2272-1 : bind9 - denial of service
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_BIND-110706.NASL
    description A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers (recursive as well as authoritative) to exit. CVE-2011-2464 has been assigned to this issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 75440
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75440
    title openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)
  • NASL family DNS
    NASL id BIND9_980_P4.NASL
    description According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability. If an attacker sends a specially crafted request to a BIND server it may cause the name server process to crash. Note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually vulnerable.
    last seen 2019-02-21
    modified 2018-09-17
    plugin id 55534
    published 2011-07-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55534
    title ISC BIND 9 Unspecified Packet Processing Remote DoS
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_BIND-110706.NASL
    description A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers (recursive as well as authoritative) to exit. CVE-2011-2464 has been assigned to this issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 75794
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75794
    title openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2011-189-01.NASL
    description New bind packages are available for Slackware 13.37, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 55704
    published 2011-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55704
    title Slackware 13.37 / current : bind (SSA:2011-189-01)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0066.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 99569
    published 2017-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99569
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1163-1.NASL
    description It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 55522
    published 2011-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55522
    title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : bind9 vulnerability (USN-1163-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0926.NASL
    description From Red Hat Security Advisory 2011:0926 : Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464) Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68303
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68303
    title Oracle Linux 5 / 6 : bind (ELSA-2011-0926)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2011-006.NASL
    description The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreFoundation - CoreMedia - File Systems - IOGraphics - iChat Server - Mailman - MediaKit - PHP - postfix - python - QuickTime - Tomcat - User Documentation - Web Server - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 56481
    published 2011-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56481
    title Mac OS X Multiple Vulnerabilities (Security Update 2011-006)
oval via4
accepted 2015-04-20T04:00:36.971-04:00
class vulnerability
contributors
  • name Yamini Mohan R
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Prashant Kumar
    organization Hewlett-Packard
  • name Mike Cokus
    organization The MITRE Corporation
description Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
family unix
id oval:org.mitre.oval:def:13997
status accepted
submitted 2012-01-30T10:50:28.000-05:00
title HP-UX Running BIND, Remote Denial of Service (DoS)
version 46
redhat via4
advisories
bugzilla
id 718966
title CVE-2011-2464 bind: Specially constructed packet will cause named to exit
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment bind97 is earlier than 32:9.7.0-6.P2.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110926002
        • comment bind97 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845003
      • AND
        • comment bind97-chroot is earlier than 32:9.7.0-6.P2.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110926004
        • comment bind97-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845005
      • AND
        • comment bind97-devel is earlier than 32:9.7.0-6.P2.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110926006
        • comment bind97-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845007
      • AND
        • comment bind97-libs is earlier than 32:9.7.0-6.P2.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110926008
        • comment bind97-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845009
      • AND
        • comment bind97-utils is earlier than 32:9.7.0-6.P2.el5_6.3
          oval oval:com.redhat.rhsa:tst:20110926010
        • comment bind97-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845011
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment bind is earlier than 32:9.7.3-2.el6_1.P3.2
          oval oval:com.redhat.rhsa:tst:20110926016
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975006
      • AND
        • comment bind-chroot is earlier than 32:9.7.3-2.el6_1.P3.2
          oval oval:com.redhat.rhsa:tst:20110926018
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975012
      • AND
        • comment bind-devel is earlier than 32:9.7.3-2.el6_1.P3.2
          oval oval:com.redhat.rhsa:tst:20110926026
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975010
      • AND
        • comment bind-libs is earlier than 32:9.7.3-2.el6_1.P3.2
          oval oval:com.redhat.rhsa:tst:20110926024
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975016
      • AND
        • comment bind-sdb is earlier than 32:9.7.3-2.el6_1.P3.2
          oval oval:com.redhat.rhsa:tst:20110926022
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975014
      • AND
        • comment bind-utils is earlier than 32:9.7.3-2.el6_1.P3.2
          oval oval:com.redhat.rhsa:tst:20110926020
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975008
rhsa
id RHSA-2011:0926
released 2011-07-07
severity Important
title RHSA-2011:0926: bind security update (Important)
rpms
  • bind97-32:9.7.0-6.P2.el5_6.3
  • bind97-chroot-32:9.7.0-6.P2.el5_6.3
  • bind97-devel-32:9.7.0-6.P2.el5_6.3
  • bind97-libs-32:9.7.0-6.P2.el5_6.3
  • bind97-utils-32:9.7.0-6.P2.el5_6.3
  • bind-32:9.7.3-2.el6_1.P3.2
  • bind-chroot-32:9.7.3-2.el6_1.P3.2
  • bind-devel-32:9.7.3-2.el6_1.P3.2
  • bind-libs-32:9.7.3-2.el6_1.P3.2
  • bind-sdb-32:9.7.3-2.el6_1.P3.2
  • bind-utils-32:9.7.3-2.el6_1.P3.2
refmap via4
apple APPLE-SA-2011-10-12-3
bid 48566
bugtraq 20110705 Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers
cert-vn VU#142646
confirm
debian DSA-2272
fedora
  • FEDORA-2011-9127
  • FEDORA-2011-9146
hp
  • HPSBUX02719
  • SSRT100658
mandriva MDVSA-2011:115
osvdb 73605
sectrack 1025742
secunia
  • 45082
  • 45089
  • 45143
  • 45177
  • 45185
  • 45223
  • 45410
  • 45412
slackware SSA:2011-189-01
suse
  • SUSE-SA:2011:029
  • SUSE-SU-2011:0759
  • openSUSE-SU-2011:0788
ubuntu USN-1163-1
xf iscbind-update-dos(68375)
Last major update 07-12-2016 - 22:02
Published 08-07-2011 - 16:55
Last modified 30-10-2018 - 12:27
Back to Top