ID CVE-2012-1667
Summary ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
References
Vulnerable Configurations
  • ISC BIND 9.0
    cpe:2.3:a:isc:bind:9.0
  • ISC BIND 9.0.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.0:rc1
  • ISC BIND 9.0.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.0:rc2
  • ISC BIND 9.0.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.0.0:rc3
  • ISC BIND 9.0.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.0.0:rc4
  • ISC BIND 9.0.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.0.0:rc5
  • ISC BIND 9.0.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.0.0:rc6
  • ISC BIND 9.0.1
    cpe:2.3:a:isc:bind:9.0.1
  • ISC BIND 9.0.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.1:rc1
  • ISC BIND 9.0.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.1:rc2
  • ISC BIND 9.1
    cpe:2.3:a:isc:bind:9.1
  • ISC BIND 9.1.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.0:rc1
  • ISC BIND 9.1.1
    cpe:2.3:a:isc:bind:9.1.1
  • ISC BIND 9.1.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.1:rc1
  • ISC BIND 9.1.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.1:rc2
  • ISC BIND 9.1.1 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.1:rc3
  • ISC BIND 9.1.1 Release Candidate 4
    cpe:2.3:a:isc:bind:9.1.1:rc4
  • ISC BIND 9.1.1 Release Candidate 5
    cpe:2.3:a:isc:bind:9.1.1:rc5
  • ISC BIND 9.1.1 Release Candidate 6
    cpe:2.3:a:isc:bind:9.1.1:rc6
  • ISC BIND 9.1.1 Release Candidate 7
    cpe:2.3:a:isc:bind:9.1.1:rc7
  • ISC BIND 9.1.2
    cpe:2.3:a:isc:bind:9.1.2
  • ISC BIND 9.1.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.2:rc1
  • ISC BIND 9.1.3
    cpe:2.3:a:isc:bind:9.1.3
  • ISC BIND 9.1.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.3:rc1
  • ISC BIND 9.1.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.3:rc2
  • ISC BIND 9.1.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.3:rc3
  • ISC BIND 9.2
    cpe:2.3:a:isc:bind:9.2
  • ISC BIND 9.2.0
    cpe:2.3:a:isc:bind:9.2.0
  • ISC BIND 9.2.0 Alpha 1
    cpe:2.3:a:isc:bind:9.2.0:a1
  • ISC BIND 9.2.0 Alpha 2
    cpe:2.3:a:isc:bind:9.2.0:a2
  • ISC BIND 9.2.0 Alpha 3
    cpe:2.3:a:isc:bind:9.2.0:a3
  • ISC BIND 9.2.0 Beta 1
    cpe:2.3:a:isc:bind:9.2.0:b1
  • ISC BIND 9.2.0 Beta 2
    cpe:2.3:a:isc:bind:9.2.0:b2
  • ISC BIND 9.2.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.0:rc1
  • ISC BIND 9.2.0 Release Candidate 10
    cpe:2.3:a:isc:bind:9.2.0:rc10
  • ISC BIND 9.2.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.0:rc2
  • ISC BIND 9.2.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.0:rc3
  • ISC BIND 9.2.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.0:rc4
  • ISC BIND 9.2.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.0:rc5
  • ISC BIND 9.2.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.0:rc6
  • ISC BIND 9.2.0 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.0:rc7
  • ISC BIND 9.2.0 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.0:rc8
  • ISC BIND 9.2.0 Release Candidate 9
    cpe:2.3:a:isc:bind:9.2.0:rc9
  • ISC BIND 9.2.1
    cpe:2.3:a:isc:bind:9.2.1
  • ISC BIND 9.2.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.1:rc1
  • ISC BIND 9.2.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.1:rc2
  • ISC BIND 9.2.2
    cpe:2.3:a:isc:bind:9.2.2
  • ISC BIND 9.2.2 Patch 2
    cpe:2.3:a:isc:bind:9.2.2:p2
  • ISC BIND 9.2.2 P3
    cpe:2.3:a:isc:bind:9.2.2:p3
  • ISC BIND 9.2.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.2:rc1
  • ISC BIND 9.2.3
    cpe:2.3:a:isc:bind:9.2.3
  • ISC BIND 9.2.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.3:rc1
  • ISC BIND 9.2.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.3:rc2
  • ISC BIND 9.2.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.3:rc3
  • ISC BIND 9.2.3 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.3:rc4
  • ISC BIND 9.2.4
    cpe:2.3:a:isc:bind:9.2.4
  • ISC BIND 9.2.4 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.4:rc2
  • ISC BIND 9.2.4 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.4:rc3
  • ISC BIND 9.2.4 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.4:rc4
  • ISC BIND 9.2.4 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.4:rc5
  • ISC BIND 9.2.4 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.4:rc6
  • ISC BIND 9.2.4 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.4:rc7
  • ISC BIND 9.2.4 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.4:rc8
  • ISC BIND 9.2.5
    cpe:2.3:a:isc:bind:9.2.5
  • ISC BIND 9.2.5 Beta 2
    cpe:2.3:a:isc:bind:9.2.5:b2
  • ISC BIND 9.2.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.5:rc1
  • ISC BIND 9.2.6
    cpe:2.3:a:isc:bind:9.2.6
  • ISC BIND 9.2.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.6:rc1
  • ISC BIND 9.2.7
    cpe:2.3:a:isc:bind:9.2.7
  • ISC BIND 9.2.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.7:rc1
  • ISC BIND 9.2.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.7:rc2
  • ISC BIND 9.2.7 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.7:rc3
  • ISC BIND 9.2.8
    cpe:2.3:a:isc:bind:9.2.8
  • ISC BIND 9.2.9
    cpe:2.3:a:isc:bind:9.2.9
  • ISC BIND 9.2.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.9:rc1
  • ISC BIND 9.3
    cpe:2.3:a:isc:bind:9.3
  • ISC BIND 9.3.0
    cpe:2.3:a:isc:bind:9.3.0
  • ISC BIND 9.3.0 Beta 2
    cpe:2.3:a:isc:bind:9.3.0:b2
  • ISC BIND 9.3.0 Beta 3
    cpe:2.3:a:isc:bind:9.3.0:b3
  • ISC BIND 9.3.0 Beta 4
    cpe:2.3:a:isc:bind:9.3.0:b4
  • ISC BIND 9.3.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.0:rc1
  • ISC BIND 9.3.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.0:rc2
  • ISC BIND 9.3.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.0:rc3
  • ISC BIND 9.3.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.3.0:rc4
  • ISC BIND 9.3.1
    cpe:2.3:a:isc:bind:9.3.1
  • ISC BIND 9.3.1 Beta 2
    cpe:2.3:a:isc:bind:9.3.1:b2
  • ISC BIND 9.3.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.1:rc1
  • ISC BIND 9.3.2
    cpe:2.3:a:isc:bind:9.3.2
  • ISC BIND 9.3.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.2:rc1
  • ISC BIND 9.3.3
    cpe:2.3:a:isc:bind:9.3.3
  • ISC BIND 9.3.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.3:rc1
  • ISC BIND 9.3.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.3:rc2
  • ISC BIND 9.3.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.3:rc3
  • ISC BIND 9.3.4
    cpe:2.3:a:isc:bind:9.3.4
  • ISC BIND 9.3.5
    cpe:2.3:a:isc:bind:9.3.5
  • ISC BIND 9.3.5 Patch 2 W1
    cpe:2.3:a:isc:bind:9.3.5:p2_w1
  • ISC BIND 9.3.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.5:rc1
  • ISC BIND 9.3.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.5:rc2
  • ISC BIND 9.3.6
    cpe:2.3:a:isc:bind:9.3.6
  • ISC BIND 9.3.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.6:rc1
  • ISC BIND 9.4
    cpe:2.3:a:isc:bind:9.4
  • ISC BIND 9.4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:-:-:-:esv
  • ISC BIND 9.4 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:b1:-:-:esv
  • ISC BIND 9.4 Release 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r1:-:-:esv
  • ISC BIND 9.4 Release 2 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r2:-:-:esv
  • ISC BIND 9.4 Release 3 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r3:-:-:esv
  • ISC BIND 9.4 Release 4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4:-:-:esv
  • ISC BIND 9.4 Release 4 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5:-:-:esv
  • ISC BIND 9.4 Release 5 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-b1:-:-:esv
  • ISC BIND 9.4 Release 5 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Release Candidate 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-rc1:-:-:esv
  • ISC BIND 9.4.0
    cpe:2.3:a:isc:bind:9.4.0
  • ISC BIND 9.4.0 Alpha 1
    cpe:2.3:a:isc:bind:9.4.0:a1
  • ISC BIND 9.4.0 Alpha 2
    cpe:2.3:a:isc:bind:9.4.0:a2
  • ISC BIND 9.4.0 Alpha 3
    cpe:2.3:a:isc:bind:9.4.0:a3
  • ISC BIND 9.4.0 Alpha 4
    cpe:2.3:a:isc:bind:9.4.0:a4
  • ISC BIND 9.4.0 Alpha 5
    cpe:2.3:a:isc:bind:9.4.0:a5
  • ISC BIND 9.4.0 Alpha 6
    cpe:2.3:a:isc:bind:9.4.0:a6
  • ISC BIND 9.4.0 Beta 1
    cpe:2.3:a:isc:bind:9.4.0:b1
  • ISC BIND 9.4.0 Beta 2
    cpe:2.3:a:isc:bind:9.4.0:b2
  • ISC BIND 9.4.0 Beta 3
    cpe:2.3:a:isc:bind:9.4.0:b3
  • ISC BIND 9.4.0 Beta 4
    cpe:2.3:a:isc:bind:9.4.0:b4
  • ISC BIND 9.4.0rc1
    cpe:2.3:a:isc:bind:9.4.0:rc1
  • ISC BIND 9.4.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.0:rc2
  • ISC BIND 9.4.1
    cpe:2.3:a:isc:bind:9.4.1
  • ISC BIND 9.4.2
    cpe:2.3:a:isc:bind:9.4.2
  • ISC BIND 9.4.2 Patch 2 W1
    cpe:2.3:a:isc:bind:9.4.2:p2_w1
  • ISC BIND 9.4.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.4.2:rc1
  • ISC BIND 9.4.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.2:rc2
  • ISC BIND 9.4.3
    cpe:2.3:a:isc:bind:9.4.3
  • ISC BIND 9.4.3 Beta 1
    cpe:2.3:a:isc:bind:9.4.3:b1
  • ISC BIND 9.4.3 Beta 2
    cpe:2.3:a:isc:bind:9.4.3:b2
  • ISC BIND 9.4.3 Beta 3
    cpe:2.3:a:isc:bind:9.4.3:b3
  • ISC BIND 9.4.3 Patch 1
    cpe:2.3:a:isc:bind:9.4.3:p1
  • ISC BIND 9.4.3 Patch 2
    cpe:2.3:a:isc:bind:9.4.3:p2
  • ISC BIND 9.4.3 Patch 3
    cpe:2.3:a:isc:bind:9.4.3:p3
  • ISC BIND 9.4.3 Patch 4
    cpe:2.3:a:isc:bind:9.4.3:p4
  • ISC BIND 9.4.3 Patch 5
    cpe:2.3:a:isc:bind:9.4.3:p5
  • ISC BIND 9.4.3 rc1
    cpe:2.3:a:isc:bind:9.4.3:rc1
  • ISC BIND 9.5
    cpe:2.3:a:isc:bind:9.5
  • ISC BIND 9.5.0
    cpe:2.3:a:isc:bind:9.5.0
  • ISC BIND 9.5.0 Alpha 1
    cpe:2.3:a:isc:bind:9.5.0:a1
  • ISC BIND 9.5.0 Alpha 2
    cpe:2.3:a:isc:bind:9.5.0:a2
  • ISC BIND 9.5.0 Alpha 3
    cpe:2.3:a:isc:bind:9.5.0:a3
  • ISC BIND 9.5.0 Alpha 4
    cpe:2.3:a:isc:bind:9.5.0:a4
  • ISC BIND 9.5.0 Alpha 5
    cpe:2.3:a:isc:bind:9.5.0:a5
  • ISC BIND 9.5.0 Alpha 6
    cpe:2.3:a:isc:bind:9.5.0:a6
  • ISC BIND 9.5.0 Alpha 7
    cpe:2.3:a:isc:bind:9.5.0:a7
  • ISC BIND 9.5.0 Beta 1
    cpe:2.3:a:isc:bind:9.5.0:b1
  • ISC BIND 9.5.0 Beta 2
    cpe:2.3:a:isc:bind:9.5.0:b2
  • ISC BIND 9.5.0 Beta 3
    cpe:2.3:a:isc:bind:9.5.0:b3
  • ISC BIND 9.5.0 Patch 1
    cpe:2.3:a:isc:bind:9.5.0:p1
  • ISC BIND 9.5.0 Patch 2
    cpe:2.3:a:isc:bind:9.5.0:p2
  • ISC BIND 9.5.0 Patch 2 W1
    cpe:2.3:a:isc:bind:9.5.0:p2_w1
  • ISC BIND 9.5.0 Patch 2 W2
    cpe:2.3:a:isc:bind:9.5.0:p2_w2
  • ISC BIND 9.5.0 rc1
    cpe:2.3:a:isc:bind:9.5.0:rc1
  • ISC BIND 9.5.1
    cpe:2.3:a:isc:bind:9.5.1
  • ISC BIND 9.5.1 Beta 1
    cpe:2.3:a:isc:bind:9.5.1:b1
  • ISC BIND 9.5.1 Beta 2
    cpe:2.3:a:isc:bind:9.5.1:b2
  • ISC BIND 9.5.1 Beta 3
    cpe:2.3:a:isc:bind:9.5.1:b3
  • ISC BIND 9.5.1 rc1
    cpe:2.3:a:isc:bind:9.5.1:rc1
  • ISC BIND 9.5.1 rc2
    cpe:2.3:a:isc:bind:9.5.1:rc2
  • ISC BIND 9.5.2
    cpe:2.3:a:isc:bind:9.5.2
  • ISC BIND 9.5.2 Beta 1
    cpe:2.3:a:isc:bind:9.5.2:b1
  • ISC BIND 9.5.2 Patch 1
    cpe:2.3:a:isc:bind:9.5.2:p1
  • ISC BIND 9.5.2 Patch 2
    cpe:2.3:a:isc:bind:9.5.2:p2
  • ISC BIND 9.5.2 Patch 3
    cpe:2.3:a:isc:bind:9.5.2:p3
  • ISC BIND 9.5.2 Patch 4
    cpe:2.3:a:isc:bind:9.5.2:p4
  • ISC BIND 9.5.2 release candidate 1
    cpe:2.3:a:isc:bind:9.5.2:rc1
  • ISC BIND 9.5.3 Beta 1
    cpe:2.3:a:isc:bind:9.5.3:b1
  • ISC BIND 9.5.3 release candidate 1
    cpe:2.3:a:isc:bind:9.5.3:rc1
  • ISC BIND 9.6 Extended Support Version
    cpe:2.3:a:isc:bind:9.6:-:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 1
    cpe:2.3:a:isc:bind:9.6:r1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 2
    cpe:2.3:a:isc:bind:9.6:r2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 3
    cpe:2.3:a:isc:bind:9.6:r3:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4
    cpe:2.3:a:isc:bind:9.6:r4:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4 Patch 1
    cpe:2.3:a:isc:bind:9.6:r4_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5
    cpe:2.3:a:isc:bind:9.6:r5:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Beta 1
    cpe:2.3:a:isc:bind:9.6:r5_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Patch 1
    cpe:2.3:a:isc:bind:9.6:r5_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6
    cpe:2.3:a:isc:bind:9.6:r6:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Beta 1
    cpe:2.3:a:isc:bind:9.6:r6_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6:r6_rc1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.6:r6_rc2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7
    cpe:2.3:a:isc:bind:9.6:r7:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 1
    cpe:2.3:a:isc:bind:9.6:r7_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 2
    cpe:2.3:a:isc:bind:9.6:r7_p2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9
    cpe:2.3:a:isc:bind:9.6:r9:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9 Patch 1
    cpe:2.3:a:isc:bind:9.6:r9_p1:-:-:esv
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6.0 Alpha 1
    cpe:2.3:a:isc:bind:9.6.0:a1
  • ISC BIND 9.6.0 Beta 1
    cpe:2.3:a:isc:bind:9.6.0:b1
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.1 Beta 1
    cpe:2.3:a:isc:bind:9.6.1:b1
  • ISC BIND 9.6.1 P1
    cpe:2.3:a:isc:bind:9.6.1:p1
  • ISC BIND 9.6.1 P2
    cpe:2.3:a:isc:bind:9.6.1:p2
  • ISC BIND 9.6.1 P3
    cpe:2.3:a:isc:bind:9.6.1:p3
  • ISC BIND 9.6.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.1:rc1
  • ISC BIND 9.6.2
    cpe:2.3:a:isc:bind:9.6.2
  • ISC BIND 9.6.2 Beta 1
    cpe:2.3:a:isc:bind:9.6.2:b1
  • ISC BIND 9.6.2 Patch 1
    cpe:2.3:a:isc:bind:9.6.2:p1
  • ISC BIND 9.6.2 Patch 2
    cpe:2.3:a:isc:bind:9.6.2:p2
  • ISC BIND 9.6.2 Patch 3
    cpe:2.3:a:isc:bind:9.6.2:p3
  • ISC BIND 9.6.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.2:rc1
  • ISC BIND 9.6.3
    cpe:2.3:a:isc:bind:9.6.3
  • ISC BIND 9.6.3 Beta 1
    cpe:2.3:a:isc:bind:9.6.3:b1
  • ISC BIND 9.6.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.3:rc1
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.7.0 Alpha 1
    cpe:2.3:a:isc:bind:9.7.0:a1
  • ISC BIND 9.7.0 Alpha 2
    cpe:2.3:a:isc:bind:9.7.0:a2
  • ISC BIND 9.7.0 Alpha 3
    cpe:2.3:a:isc:bind:9.7.0:a3
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 Beta 2
    cpe:2.3:a:isc:bind:9.7.0:b2
  • ISC BIND 9.7.0 Beta 3
    cpe:2.3:a:isc:bind:9.7.0:b3
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.1 Beta 1
    cpe:2.3:a:isc:bind:9.7.1:b1
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.7.4
    cpe:2.3:a:isc:bind:9.7.4
  • ISC BIND 9.7.4 B1
    cpe:2.3:a:isc:bind:9.7.4:b1
  • ISC BIND 9.7.4P1
    cpe:2.3:a:isc:bind:9.7.4:p1
  • ISC BIND 9.7.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.4:rc1
  • ISC BIND 9.7.5
    cpe:2.3:a:isc:bind:9.7.5
  • ISC BIND 9.7.5 B1
    cpe:2.3:a:isc:bind:9.7.5:b1
  • ISC BIND 9.7.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.5:rc1
  • ISC BIND 9.7.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.5:rc2
  • ISC BIND 9.7.6
    cpe:2.3:a:isc:bind:9.7.6
  • ISC BIND 9.9.0
    cpe:2.3:a:isc:bind:9.9.0
  • ISC BIND 9.9.0a1
    cpe:2.3:a:isc:bind:9.9.0:a1
  • ISC BIND 9.9.0a2
    cpe:2.3:a:isc:bind:9.9.0:a2
  • ISC BIND 9.9.0a3
    cpe:2.3:a:isc:bind:9.9.0:a3
  • ISC BIND 9.9.0b1
    cpe:2.3:a:isc:bind:9.9.0:b1
  • ISC BIND 9.9.0b2
    cpe:2.3:a:isc:bind:9.9.0:b2
  • ISC BIND 9.9.0 release candidate 1
    cpe:2.3:a:isc:bind:9.9.0:rc1
  • ISC BIND 9.9.0 release candidate 2
    cpe:2.3:a:isc:bind:9.9.0:rc2
  • ISC BIND 9.9.0 release candidate 3
    cpe:2.3:a:isc:bind:9.9.0:rc3
  • ISC BIND 9.9.0 release candidate 4
    cpe:2.3:a:isc:bind:9.9.0:rc4
  • ISC BIND 9.9.1
    cpe:2.3:a:isc:bind:9.9.1
CVSS
Base: 8.5 (as of 24-08-2016 - 13:37)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
    Vector NETWORK
    Complexity LOW
    Authentication NONE
Impact
    Confidentiality PARTIAL
    Integrity NONE
    Availability COMPLETE
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2016-0055.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates :
      - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite
      - Fix (CVE-2016-1285, CVE-2016-1286)
      - Fix (CVE-2015-8704)
      - Fix (CVE-2015-8000)
      - Fix (CVE-2015-5722)
      - Fix (CVE-2015-5477)
      - Remove files backup after patching (Related: #1171971)
      - Fix CVE-2014-8500 (#1171971)
      - fix race condition in socket module
      - fix (CVE-2012-5166)
      - bind-chroot-admin: set correct permissions on /etc/named.conf during update
      - fix (CVE-2012-4244)
      - fix (CVE-2012-3817)
      - fix (CVE-2012-1667)
      - fix (CVE-2012-1033)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 91739
    published 2016-06-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91739
    title OracleVM 3.2 : bind (OVMSA-2016-0055)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_7_5.NASL
    description The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components : - Apache - BIND - CoreText - Data Security - ImageIO - Installer - International Components for Unicode - Kernel - Mail - PHP - Profile Manager - QuickLook - QuickTime - Ruby - USB
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62214
    published 2012-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62214
    title Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2012-004.NASL
    description The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components : - Apache - Data Security - DirectoryService - ImageIO - International Components for Unicode - Mail - PHP - QuickLook - QuickTime - Ruby
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62213
    published 2012-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62213
    title Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2012-0016_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - bind - expat - nspr and nss - python - vSphere API
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89039
    published 2016-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89039
    title VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2012-341-01.NASL
    description New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.
    last seen 2019-02-21
    modified 2013-06-01
    plugin id 63167
    published 2012-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63167
    title Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2012-341-01)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0716.NASL
    description Updated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59413
    published 2012-06-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59413
    title CentOS 5 / 6 : bind (CESA-2012:0716)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2012-0016.NASL
    description
      a. VMware vSphere API denial of service vulnerability
      The VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities on the host but any virtual machines running on the host would be unaffected. VMware would like to thank Sebastian Tello of Core Security Technologies for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-5703 to this issue.
      b. Update to ESX service console bind packages
      The ESX service console bind packages are updated to the following versions :
        bind-libs-9.3.6-20.P1.el5_8.2
        bind-utils-9.3.6-20.P1.el5_8.2
      These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-1033, CVE-2012-1667, and CVE-2012-3817 to these issues.
      c. Update to ESX service console python packages
      The ESX service console Python packages are updated to the following versions :
        python-2.4.3-46.el5_8.2.x86_64
        python-libs-2.4.3-46.el5_8.2.x86_64
      These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-4940, CVE-2011-4944, and CVE-2012-1150 to these issues.
      d. Update to ESX service console expat package
      The ESX service console expat package is updated to expat-1.95.8-11.el5_8. This update fixes multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-0876 and CVE-2012-1148 to these issues.
      e. Update to ESX service console nspr and nss packages
      This patch updates the ESX service console Netscape Portable Runtime and Network Security Services RPMs to versions nspr-4.9.1.4.el5_8 and nss-3.13.5.4.9834, respectively, to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0441 to this issue. This patch also resolves a certificate trust issue caused by a fraudulent DigiNotar root certificate.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 62944
    published 2012-11-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62944
    title VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-8968.NASL
    description Update to the latest upstream release which fixes CVE-2012-1667. More information is available on http://www.isc.org/software/bind/advisories/CVE-2012-1667 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 59488
    published 2012-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59488
    title Fedora 17 : bind-9.9.1-2.P1.fc17 (2012-8968)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV22625.NASL
    description Adding records to BIND with zero length rdata fields could result in memory disclosure to client, data corruption or system crash.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63724
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63724
    title AIX 5.3 TL 12 : bind9 (IV22625)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-120604.NASL
    description The following issue has been fixed : - Records with zero length rdata field could have crashed named or disclosed portions of memory to clients. (CVE-2012-1667)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64111
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64111
    title SuSE 11.2 Security Update : bind (SAT Patch Number 6382)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_FC5231B6C06611E1B5E0000C299B62E1.NASL
    description Problem description : The named(8) server does not properly handle DNS resource records where the RDATA field is zero length, which may cause various issues for the servers handling them. Resolving servers may crash or disclose some portion of memory to the client. Authoritative servers may crash on restart after transferring a zone containing records with zero-length RDATA fields. These would result in a denial of service, or leak of sensitive information.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59749
    published 2012-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59749
    title FreeBSD : FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8) (fc5231b6-c066-11e1-b5e0-000c299b62e1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-8946.NASL
    description Update to the latest upstream release which fixes CVE-2012-1667. More information is available on http://www.isc.org/software/bind/advisories/CVE-2012-1667 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 59540
    published 2012-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59540
    title Fedora 16 : bind-9.8.3-2.P1.fc16 (2012-8946)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120607_BIND97_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61324
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61324
    title Scientific Linux Security Update : bind97 on SL5.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-296.NASL
    description bind was updated to 9.8.4-P2 to fix security problems and bugs. Security Fixes Removed the check for regex.h in configure in order to disable regex syntax checking, as it exposes BIND to a critical flaw in libregex on some platforms. [CVE-2013-2266] [RT #32688] https://kb.isc.org/article/AA-00871 (bnc#811876) Prevents named from aborting with a require assertion failure on servers with DNS64 enabled. These crashes might occur as a result of specific queries that are received. (Note that this fix is a subset of a series of updates that will be included in full in BIND 9.8.5 and 9.9.3 as change #3388, RT #30996). [CVE-2012-5688] [RT #30792] A deliberately constructed combination of records could cause named to hang while populating the additional section of a response. [CVE-2012-5166] [RT #31090] Prevents a named assert (crash) when queried for a record whose RDATA exceeds 65535 bytes [CVE-2012-4244] [RT #30416] Prevents a named assert (crash) when validating caused by using 'Bad cache' data before it has been initialized. [CVE-2012-3817] [RT #30025] A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process. [CVE-2012-1667] [RT #29644] New Features Elliptic Curve Digital Signature Algorithm keys and signatures in DNSSEC are now supported per RFC 6605. [RT #21918] Feature Changes Improves OpenSSL error logging [RT #29932] nslookup now returns a nonzero exit code when it is unable to get an answer. [RT #29492] Bug Fixes Uses binary mode to open raw files on Windows. [RT #30944] Static-stub zones now accept 'forward' and 'fowarders' options (often needed for subdomains of the zone referenced to override global forwarding options). These options are already available with traditional stub zones and their omission from zones of type 'static-stub' was an inadvertent oversight. 
[RT #30482] Limits the TTL of signed RRsets in cache when their RRSIGs are approaching expiry. This prevents the persistence in cache of invalid RRSIGs in order to assist recovery from a situation where zone re-signing doesn't occur in a timely manner. With this change, named will attempt to obtain new RRSIGs from the authoritative server once the original ones have expired, and even if the TTL of the old records would in other circumstances cause them to be kept in cache for longer. [RT #26429] Corrects the syntax of isc_atomic_xadd() and isc_atomic_cmpxchg() which are employed on Itanium systems to speed up lock management by making use of atomic operations. Without the syntax correction it is possible that concurrent access to the same structures could accidentally occur with unpredictable results. [RT #25181] The configure script now supports and detects libxml2-2.8.x correctly [RT #30440] The host command should no longer assert on some architectures and builds while handling the time values used with the -w (wait forever) option. [RT #18723] Invalid zero settings for max-retry-time, min-retry-time, max-refresh-time, min-refresh-time will now be detected during parsing of named.conf and an error emitted instead of triggering an assertion failure on startup. [RT #27730] Removes spurious newlines from log messages in zone.c [RT #30675] When built with readline support (i.e. on a system with readline installed) nsupdate no longer terminates unexpectedly in interactive mode. [RT #29550] All named tasks that perform task-exclusive operations now share the same single task. Prior to this change, there was the possibility of a race condition between rndc operations and other functions such as re-sizing the adb hash table. If the race condition was encountered, named would in most cases terminate unexpectedly with an assert. 
[RT #29872] Ensures that servers are expired from the ADB cache when the timeout limit is reached so that their learned attributes can be refreshed. Prior to this change, servers that were frequently queried might never have their entries removed and reinitialized. This is of particular importance to DNSSEC-validating recursive servers that might erroneously set 'no-edns' for an authoritative server following a period of intermittent connectivity. [RT #29856] Adds additional resilience to a previous security change (3218) by preventing RRSIG data from being added to cache when a pseudo-record matching the covering type and proving non-existence exists at a higher trust level. The earlier change prevented this inconsistent data from being retrieved from cache in response to client queries - with this additional change, the RRSIG records are no longer inserted into cache at all. [RT #26809] dnssec-settime will now issue a warning when the writing of a new private key file would cause a change in the permissions of the existing file. [RT #27724] Fixes the defect introduced by change #3314 that was causing failures when saving stub zones to disk (resulting in excessive CPU usage in some cases). [RT #29952] It is now possible to use multiple control keys again - this functionality was inadvertently broken by change #3924 (RT #28265) which addressed a memory leak. [RT #29694] Setting resolver-query-timeout too low could cause named problems recovering after a loss of connectivity. [RT #29623] Reduces the potential build-up of stale RRsets in cache on a busy recursive nameserver by re-using cached DS and RRSIG rrsets when possible [RT #29446] Corrects a failure to authenticate non-existence of resource records in some circumstances when RPZ has been configured. 
Also : - adds an optional 'recursive-only yes|no' to the response-policy statement - adds an optional 'max-policy-ttl' to the response-policy statement to limit the false data that 'recursive-only no' can introduce into resolvers' caches - introduces a predefined encoding of PASSTHRU policy by adding 'rpz-passthru' to be used as the target of CNAME policy records (the old encoding is still accepted.) - adds a RPZ performance test to bin/tests/system/rpz when queryperf is available. [RT #26172] Upper-case/lower-case handling of RRSIG signer-names is now handled consistently: RRSIG records are generated with the signer-name in lower case. They are accepted with any case, but if they fail to validate, we try again in lower case. [RT #27451] - Update the IPv4 address of the D root name server.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 74953
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74953
    title openSUSE Security Update : bind (openSUSE-SU-2013:0605-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0716.NASL
    description Updated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 59423
    published 2012-06-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59423
    title RHEL 5 / 6 : bind (RHSA-2012:0716)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0717.NASL
    description Updated bind97 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59424
    published 2012-06-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59424
    title RHEL 5 : bind97 (RHSA-2012:0717)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120607_BIND_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61325
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61325
    title Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2012-166-01.NASL
    description New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 59507
    published 2012-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59507
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2012-166-01)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_BIND_20120814.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. (CVE-2012-1667)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80593
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80593
    title Oracle Solaris Third-Party Patch Update : bind (cve_2012_1667_denial_of)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL13660.NASL
    description ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial-of-service (DoS) (process crash or data corruption) or obtain sensitive information from process memory by way of a crafted record. (CVE-2012-1667)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 86003
    published 2015-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86003
    title F5 Networks BIG-IP : BIND vulnerability (SOL13660)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0066.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 99569
    published 2017-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99569
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201209-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-201209-04 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND: Domain names are not properly revoked due to an error in the cache update policy (CVE-2012-1033). BIND accepts records with zero-length RDATA fields (CVE-2012-1667). An assertion failure from the failing-query cache could occur when DNSSEC validation is enabled (CVE-2012-3817). A memory leak may occur under high TCP query loads (CVE-2012-3868). An assertion error can occur when a query is performed for a record with RDATA greater than 65535 bytes (CVE-2012-4244). Impact : A remote attacker may be able to cause a Denial of Service condition or keep domain names resolvable after they have been deleted from registration. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 62237
    published 2012-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62237
    title GLSA-201209-04 : BIND: Multiple vulnerabilities
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-84.NASL
    description A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69691
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69691
    title Amazon Linux AMI : bind (ALAS-2012-84)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV22555.NASL
    description Adding records to BIND with zero length rdata fields could result in memory disclosure to client, data corruption or system crash.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63721
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63721
    title AIX 6.1 TL 7 : bind9 (IV22555)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0717.NASL
    description Updated bind97 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59414
    published 2012-06-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59414
    title CentOS 5 : bind97 (CESA-2012:0717)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0717.NASL
    description From Red Hat Security Advisory 2012:0717 : Updated bind97 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68538
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68538
    title Oracle Linux 5 : bind97 (ELSA-2012-0717)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_1ECC0D3FAE8E11E1965B0024E88A8C98.NASL
    description ISC reports : Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers may crash on restart after transferring a zone containing these records. Master servers may corrupt zone data if the zone option 'auto-dnssec' is set to 'maintain'. Other unexpected problems that are not listed here may also be encountered. Impact: This issue primarily affects recursive nameservers. Authoritative nameservers will only be impacted if an administrator configures experimental record types with no data. If the server is configured this way, then secondaries can crash on restart after transferring that zone. Zone data on the master can become corrupted if the zone with those records has named configured to manage the DNSSEC key rotation.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 59361
    published 2012-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59361
    title FreeBSD : dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory (1ecc0d3f-ae8e-11e1-965b-0024e88a8c98)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-8169.NASL
    description The following issue has been fixed : - Records with zero length rdata field could have crashed named or disclosed portions of memory to clients. (CVE-2012-1667)
    last seen 2019-02-21
    modified 2012-08-11
    plugin id 59552
    published 2012-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59552
    title SuSE 10 Security Update : bind (ZYPP Patch Number 8169)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV22556.NASL
    description Adding records to BIND with zero length rdata fields could result in memory disclosure to client, data corruption or system crash.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63722
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63722
    title AIX 7.1 TL 0 : bind9 (IV22556)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-120605.NASL
    description The following issue has been fixed : - Records with zero length rdata field could have crashed named or disclosed portions of memory to clients. (CVE-2012-1667)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64112
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64112
    title SuSE 11.1 Security Update : bind (SAT Patch Number 6388)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2486.NASL
    description It was discovered that BIND, a DNS server, can crash while processing resource records containing no data bytes. Both authoritative servers and resolvers are affected.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59764
    published 2012-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59764
    title Debian DSA-2486-1 : bind9 - denial of service
  • NASL family AIX Local Security Checks
    NASL id AIX_IV22557.NASL
    description Adding records to BIND with zero length rdata fields could result in memory disclosure to client, data corruption or system crash.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63723
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63723
    title AIX 7.1 TL 1 : bind9 (IV22557)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-2028.NASL
    description Description of changes: [20:9.2.4-38.0.1.el4] - fix CVE-2012-1667 (Adam Tkac) [orabz 14418]
    last seen 2019-01-03
    modified 2019-01-02
    plugin id 68680
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68680
    title Oracle Linux 4 : bind (ELSA-2012-2028)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV22554.NASL
    description Adding records to BIND with zero length rdata fields could result in memory disclosure to client, data corruption or system crash.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63720
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63720
    title AIX 6.1 TL 6 : bind9 (IV22554)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-8962.NASL
    description Update to the latest upstream release which fixes CVE-2012-1667. More information is available on http://www.isc.org/software/bind/advisories/CVE-2012-1667 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 59541
    published 2012-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59541
    title Fedora 15 : bind-9.8.3-2.P1.fc15 (2012-8962)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-316.NASL
    description A remote denial of service in the bind nameserver via zero length rdata fields was fixed.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74648
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74648
    title openSUSE Security Update : bind (openSUSE-SU-2012:0722-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2012-089.NASL
    description A vulnerability was discovered and corrected in bind : ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record (CVE-2012-1667). The updated packages have been upgraded to bind 9.7.6-P1 and 9.8.3-P1 which is not vulnerable to this issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 59440
    published 2012-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59440
    title Mandriva Linux Security Advisory : bind (MDVSA-2012:089)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0716.NASL
    description From Red Hat Security Advisory 2012:0716 : Updated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68537
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68537
    title Oracle Linux 5 / 6 : bind (ELSA-2012-0716)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_8_2.NASL
    description The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.2. The newer version contains multiple security-related fixes for the following components : - BIND - Data Security - LoginWindow - Mobile Accounts - PHP
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62215
    published 2012-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62215
    title Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1462-1.NASL
    description Dan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. (CVE-2012-1667) It was discovered that Bind incorrectly handled revoked domain names. A remote attacker could use this flaw to cause malicious domain names to be continuously resolvable even after they have been revoked. (CVE-2012-1033). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59386
    published 2012-06-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59386
    title Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : bind9 vulnerabilities (USN-1462-1)
  • NASL family DNS
    NASL id BIND9_991_P1.NASL
    description According to its self-reported version number, the remote installation of BIND does not properly handle resource records with a zero-length RDATA section, which may lead to unexpected outcomes, such as crashes of the affected server, disclosure of portions of memory, corrupted zone data, or other problems. Note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually affected.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 59446
    published 2012-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59446
    title ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure
redhat via4
advisories
  • bugzilla
    id 828078
    title CVE-2012-1667 bind: handling of zero length rdata can cause named to terminate unexpectedly
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment bind is earlier than 32:9.7.3-8.P3.el6_2.3
            oval oval:com.redhat.rhsa:tst:20120716005
          • comment bind is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975006
        • AND
          • comment bind-chroot is earlier than 32:9.7.3-8.P3.el6_2.3
            oval oval:com.redhat.rhsa:tst:20120716015
          • comment bind-chroot is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975012
        • AND
          • comment bind-devel is earlier than 32:9.7.3-8.P3.el6_2.3
            oval oval:com.redhat.rhsa:tst:20120716011
          • comment bind-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975010
        • AND
          • comment bind-libs is earlier than 32:9.7.3-8.P3.el6_2.3
            oval oval:com.redhat.rhsa:tst:20120716009
          • comment bind-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975016
        • AND
          • comment bind-sdb is earlier than 32:9.7.3-8.P3.el6_2.3
            oval oval:com.redhat.rhsa:tst:20120716007
          • comment bind-sdb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975014
        • AND
          • comment bind-utils is earlier than 32:9.7.3-8.P3.el6_2.3
            oval oval:com.redhat.rhsa:tst:20120716013
          • comment bind-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975008
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment bind is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716018
          • comment bind is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057003
        • AND
          • comment bind-chroot is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716022
          • comment bind-chroot is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057005
        • AND
          • comment bind-devel is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716028
          • comment bind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057007
        • AND
          • comment bind-libbind-devel is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716024
          • comment bind-libbind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057015
        • AND
          • comment bind-libs is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716026
          • comment bind-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057017
        • AND
          • comment bind-sdb is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716030
          • comment bind-sdb is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057009
        • AND
          • comment bind-utils is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716020
          • comment bind-utils is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057011
        • AND
          • comment caching-nameserver is earlier than 30:9.3.6-20.P1.el5_8.1
            oval oval:com.redhat.rhsa:tst:20120716032
          • comment caching-nameserver is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057013
    rhsa
    id RHSA-2012:0716
    released 2012-06-07
    severity Important
    title RHSA-2012:0716: bind security update (Important)
  • bugzilla
    id 828078
    title CVE-2012-1667 bind: handling of zero length rdata can cause named to terminate unexpectedly
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment bind97 is earlier than 32:9.7.0-10.P2.el5_8.1
          oval oval:com.redhat.rhsa:tst:20120717002
        • comment bind97 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845003
      • AND
        • comment bind97-chroot is earlier than 32:9.7.0-10.P2.el5_8.1
          oval oval:com.redhat.rhsa:tst:20120717010
        • comment bind97-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845005
      • AND
        • comment bind97-devel is earlier than 32:9.7.0-10.P2.el5_8.1
          oval oval:com.redhat.rhsa:tst:20120717006
        • comment bind97-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845007
      • AND
        • comment bind97-libs is earlier than 32:9.7.0-10.P2.el5_8.1
          oval oval:com.redhat.rhsa:tst:20120717004
        • comment bind97-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845009
      • AND
        • comment bind97-utils is earlier than 32:9.7.0-10.P2.el5_8.1
          oval oval:com.redhat.rhsa:tst:20120717008
        • comment bind97-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845011
    rhsa
    id RHSA-2012:0717
    released 2012-06-07
    severity Important
    title RHSA-2012:0717: bind97 security update (Important)
  • rhsa
    id RHSA-2012:1110
rpms
  • bind-32:9.7.3-8.P3.el6_2.3
  • bind-chroot-32:9.7.3-8.P3.el6_2.3
  • bind-devel-32:9.7.3-8.P3.el6_2.3
  • bind-libs-32:9.7.3-8.P3.el6_2.3
  • bind-sdb-32:9.7.3-8.P3.el6_2.3
  • bind-utils-32:9.7.3-8.P3.el6_2.3
  • bind-30:9.3.6-20.P1.el5_8.1
  • bind-chroot-30:9.3.6-20.P1.el5_8.1
  • bind-devel-30:9.3.6-20.P1.el5_8.1
  • bind-libbind-devel-30:9.3.6-20.P1.el5_8.1
  • bind-libs-30:9.3.6-20.P1.el5_8.1
  • bind-sdb-30:9.3.6-20.P1.el5_8.1
  • bind-utils-30:9.3.6-20.P1.el5_8.1
  • caching-nameserver-30:9.3.6-20.P1.el5_8.1
  • bind97-32:9.7.0-10.P2.el5_8.1
  • bind97-chroot-32:9.7.0-10.P2.el5_8.1
  • bind97-devel-32:9.7.0-10.P2.el5_8.1
  • bind97-libs-32:9.7.0-10.P2.el5_8.1
  • bind97-utils-32:9.7.0-10.P2.el5_8.1
refmap via4
apple APPLE-SA-2012-09-19-2
bid 53772
cert-vn VU#381699
confirm
debian DSA-2486
hp
  • HPSBUX02795
  • SSRT100878
mandriva MDVSA-2012:089
secunia 51096
slackware SSA:2012-341-01
suse
  • SUSE-SU-2012:0741
  • openSUSE-SU-2012:0722
vmware via4
description The ESX service console bind packages are updated to the following versions: bind-libs-9.3.6-20.P1.el5_8.2 bind-utils-9.3.6-20.P1.el5_8.2
id VMSA-2012-0016
last_updated 2012-11-15T00:00:00
published 2012-11-15T00:00:00
title VMware vSphere API denial of service vulnerability
Last major update 06-12-2016 - 22:00
Published 05-06-2012 - 12:55
Last modified 17-01-2018 - 21:29