ID CVE-2012-4244
Summary ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
References
Vulnerable Configurations
  • ISC BIND 9.9.1-p2
    cpe:2.3:a:isc:bind:9.9.1:p2
  • ISC BIND 9.9.1-p1
    cpe:2.3:a:isc:bind:9.9.1:p1
  • ISC BIND 9.9.1
    cpe:2.3:a:isc:bind:9.9.1
  • ISC BIND 9.9.0 release candidate 4
    cpe:2.3:a:isc:bind:9.9.0:rc4
  • ISC BIND 9.9.0 release candidate 3
    cpe:2.3:a:isc:bind:9.9.0:rc3
  • ISC BIND 9.9.0 release candidate 2
    cpe:2.3:a:isc:bind:9.9.0:rc2
  • ISC BIND 9.9.0 release candidate 1
    cpe:2.3:a:isc:bind:9.9.0:rc1
  • ISC BIND 9.9.0b2
    cpe:2.3:a:isc:bind:9.9.0:b2
  • ISC BIND 9.9.0b1
    cpe:2.3:a:isc:bind:9.9.0:b1
  • ISC BIND 9.9.0a3
    cpe:2.3:a:isc:bind:9.9.0:a3
  • ISC BIND 9.9.0a2
    cpe:2.3:a:isc:bind:9.9.0:a2
  • ISC BIND 9.9.0a1
    cpe:2.3:a:isc:bind:9.9.0:a1
  • ISC BIND 9.9.0
    cpe:2.3:a:isc:bind:9.9.0
  • ISC BIND 9.8.3-p2
    cpe:2.3:a:isc:bind:9.8.3:p2
  • ISC BIND 9.8.3-p1
    cpe:2.3:a:isc:bind:9.8.3:p1
  • ISC BIND 9.8.3
    cpe:2.3:a:isc:bind:9.8.3
  • ISC BIND 9.8.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.8.2:rc2
  • ISC BIND 9.8.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.2:rc1
  • ISC BIND 9.8.2 B1
    cpe:2.3:a:isc:bind:9.8.2:b1
  • ISC BIND 9.8.2
    cpe:2.3:a:isc:bind:9.8.2
  • ISC BIND 9.8.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.1:rc1
  • ISC BIND 9.8.1-P1
    cpe:2.3:a:isc:bind:9.8.1:p1
  • ISC BIND 9.8.1 B3
    cpe:2.3:a:isc:bind:9.8.1:b3
  • ISC BIND 9.8.1 B2
    cpe:2.3:a:isc:bind:9.8.1:b2
  • ISC BIND 9.8.1 B1
    cpe:2.3:a:isc:bind:9.8.1:b1
  • ISC BIND 9.8.1
    cpe:2.3:a:isc:bind:9.8.1
  • ISC BIND 9.8.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.0:rc1
  • ISC BIND 9.8.0-P4
    cpe:2.3:a:isc:bind:9.8.0:p4
  • ISC BIND 9.8.0 P2
    cpe:2.3:a:isc:bind:9.8.0:p2
  • ISC BIND 9.8.0 P1
    cpe:2.3:a:isc:bind:9.8.0:p1
  • ISC BIND 9.8.0 B1
    cpe:2.3:a:isc:bind:9.8.0:b1
  • ISC BIND 9.8.0 A1
    cpe:2.3:a:isc:bind:9.8.0:a1
  • ISC BIND 9.8.0
    cpe:2.3:a:isc:bind:9.8.0
  • ISC BIND 9.7.6-p2
    cpe:2.3:a:isc:bind:9.7.6:p2
  • ISC BIND 9.7.6-p1
    cpe:2.3:a:isc:bind:9.7.6:p1
  • ISC BIND 9.7.6
    cpe:2.3:a:isc:bind:9.7.6
  • ISC BIND 9.7.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.5:rc2
  • ISC BIND 9.7.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.5:rc1
  • ISC BIND 9.7.5 B1
    cpe:2.3:a:isc:bind:9.7.5:b1
  • ISC BIND 9.7.5
    cpe:2.3:a:isc:bind:9.7.5
  • ISC BIND 9.7.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.4:rc1
  • ISC BIND 9.7.4P1
    cpe:2.3:a:isc:bind:9.7.4:p1
  • ISC BIND 9.7.4 B1
    cpe:2.3:a:isc:bind:9.7.4:b1
  • ISC BIND 9.7.4
    cpe:2.3:a:isc:bind:9.7.4
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 Beta 1
    cpe:2.3:a:isc:bind:9.7.1:b1
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 Beta 3
    cpe:2.3:a:isc:bind:9.7.0:b3
  • ISC BIND 9.7.0 Beta 2
    cpe:2.3:a:isc:bind:9.7.0:b2
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 Alpha 3
    cpe:2.3:a:isc:bind:9.7.0:a3
  • ISC BIND 9.7.0 Alpha 2
    cpe:2.3:a:isc:bind:9.7.0:a2
  • ISC BIND 9.7.0 Alpha 1
    cpe:2.3:a:isc:bind:9.7.0:a1
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.6.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.3:rc1
  • ISC BIND 9.6.3 Beta 1
    cpe:2.3:a:isc:bind:9.6.3:b1
  • ISC BIND 9.6.3
    cpe:2.3:a:isc:bind:9.6.3
  • ISC BIND 9.6.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.2:rc1
  • ISC BIND 9.6.2 Patch 3
    cpe:2.3:a:isc:bind:9.6.2:p3
  • ISC BIND 9.6.2 Patch 2
    cpe:2.3:a:isc:bind:9.6.2:p2
  • ISC BIND 9.6.2 Patch 1
    cpe:2.3:a:isc:bind:9.6.2:p1
  • ISC BIND 9.6.2 Beta 1
    cpe:2.3:a:isc:bind:9.6.2:b1
  • ISC BIND 9.6.2
    cpe:2.3:a:isc:bind:9.6.2
  • ISC BIND 9.6.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.1:rc1
  • ISC BIND 9.6.1 P3
    cpe:2.3:a:isc:bind:9.6.1:p3
  • ISC BIND 9.6.1 P2
    cpe:2.3:a:isc:bind:9.6.1:p2
  • ISC BIND 9.6.1 P1
    cpe:2.3:a:isc:bind:9.6.1:p1
  • ISC BIND 9.6.1 Beta 1
    cpe:2.3:a:isc:bind:9.6.1:b1
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 Beta 1
    cpe:2.3:a:isc:bind:9.6.0:b1
  • ISC BIND 9.6.0 Alpha 1
    cpe:2.3:a:isc:bind:9.6.0:a1
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6 Extended Support Version Release 9 Patch 1
    cpe:2.3:a:isc:bind:9.6:r9_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9
    cpe:2.3:a:isc:bind:9.6:r9:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 2
    cpe:2.3:a:isc:bind:9.6:r7_p2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 1
    cpe:2.3:a:isc:bind:9.6:r7_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7
    cpe:2.3:a:isc:bind:9.6:r7:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.6:r6_rc2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6:r6_rc1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Beta 1
    cpe:2.3:a:isc:bind:9.6:r6_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6
    cpe:2.3:a:isc:bind:9.6:r6:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Patch 1
    cpe:2.3:a:isc:bind:9.6:r5_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Beta 1
    cpe:2.3:a:isc:bind:9.6:r5_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5
    cpe:2.3:a:isc:bind:9.6:r5:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4 Patch 1
    cpe:2.3:a:isc:bind:9.6:r4_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4
    cpe:2.3:a:isc:bind:9.6:r4:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 3
    cpe:2.3:a:isc:bind:9.6:r3:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 2
    cpe:2.3:a:isc:bind:9.6:r2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 1
    cpe:2.3:a:isc:bind:9.6:r1:-:-:esv
  • ISC BIND 9.6 Extended Support Version
    cpe:2.3:a:isc:bind:9.6:-:-:-:esv
  • ISC BIND 9.5.3 release candidate 1
    cpe:2.3:a:isc:bind:9.5.3:rc1
  • ISC BIND 9.5.3 Beta 1
    cpe:2.3:a:isc:bind:9.5.3:b1
  • ISC BIND 9.5.2 release candidate 1
    cpe:2.3:a:isc:bind:9.5.2:rc1
  • ISC BIND 9.5.2 Patch 4
    cpe:2.3:a:isc:bind:9.5.2:p4
  • ISC BIND 9.5.2 Patch 3
    cpe:2.3:a:isc:bind:9.5.2:p3
  • ISC BIND 9.5.2 Patch 2
    cpe:2.3:a:isc:bind:9.5.2:p2
  • ISC BIND 9.5.2 Patch 1
    cpe:2.3:a:isc:bind:9.5.2:p1
  • ISC BIND 9.5.2 Beta 1
    cpe:2.3:a:isc:bind:9.5.2:b1
  • ISC BIND 9.5.2
    cpe:2.3:a:isc:bind:9.5.2
  • ISC BIND 9.5.1 rc2
    cpe:2.3:a:isc:bind:9.5.1:rc2
  • ISC BIND 9.5.1 rc1
    cpe:2.3:a:isc:bind:9.5.1:rc1
  • ISC BIND 9.5.1 Beta 3
    cpe:2.3:a:isc:bind:9.5.1:b3
  • ISC BIND 9.5.1 Beta 2
    cpe:2.3:a:isc:bind:9.5.1:b2
  • ISC BIND 9.5.1 Beta 1
    cpe:2.3:a:isc:bind:9.5.1:b1
  • ISC BIND 9.5.1
    cpe:2.3:a:isc:bind:9.5.1
  • ISC BIND 9.5.0 rc1
    cpe:2.3:a:isc:bind:9.5.0:rc1
  • ISC BIND 9.5.0 Patch 2 W2
    cpe:2.3:a:isc:bind:9.5.0:p2_w2
  • ISC BIND 9.5.0 Patch 2 W1
    cpe:2.3:a:isc:bind:9.5.0:p2_w1
  • ISC BIND 9.5.0 Patch 2
    cpe:2.3:a:isc:bind:9.5.0:p2
  • ISC BIND 9.5.0 Patch 1
    cpe:2.3:a:isc:bind:9.5.0:p1
  • ISC BIND 9.5.0 Beta 3
    cpe:2.3:a:isc:bind:9.5.0:b3
  • ISC BIND 9.5.0 Beta 2
    cpe:2.3:a:isc:bind:9.5.0:b2
  • ISC BIND 9.5.0 Beta 1
    cpe:2.3:a:isc:bind:9.5.0:b1
  • ISC BIND 9.5.0 Alpha 7
    cpe:2.3:a:isc:bind:9.5.0:a7
  • ISC BIND 9.5.0 Alpha 6
    cpe:2.3:a:isc:bind:9.5.0:a6
  • ISC BIND 9.5.0 Alpha 5
    cpe:2.3:a:isc:bind:9.5.0:a5
  • ISC BIND 9.5.0 Alpha 4
    cpe:2.3:a:isc:bind:9.5.0:a4
  • ISC BIND 9.5.0 Alpha 3
    cpe:2.3:a:isc:bind:9.5.0:a3
  • ISC BIND 9.5.0 Alpha 2
    cpe:2.3:a:isc:bind:9.5.0:a2
  • ISC BIND 9.5.0 Alpha 1
    cpe:2.3:a:isc:bind:9.5.0:a1
  • ISC BIND 9.5.0
    cpe:2.3:a:isc:bind:9.5.0
  • ISC BIND 9.5
    cpe:2.3:a:isc:bind:9.5
  • ISC BIND 9.4.3 rc1
    cpe:2.3:a:isc:bind:9.4.3:rc1
  • ISC BIND 9.4.3 Patch 5
    cpe:2.3:a:isc:bind:9.4.3:p5
  • ISC BIND 9.4.3 Patch 4
    cpe:2.3:a:isc:bind:9.4.3:p4
  • ISC BIND 9.4.3 Patch 3
    cpe:2.3:a:isc:bind:9.4.3:p3
  • ISC BIND 9.4.3 Patch 2
    cpe:2.3:a:isc:bind:9.4.3:p2
  • ISC BIND 9.4.3 Patch 1
    cpe:2.3:a:isc:bind:9.4.3:p1
  • ISC BIND 9.4.3 Beta 3
    cpe:2.3:a:isc:bind:9.4.3:b3
  • ISC BIND 9.4.3 Beta 2
    cpe:2.3:a:isc:bind:9.4.3:b2
  • ISC BIND 9.4.3 Beta 1
    cpe:2.3:a:isc:bind:9.4.3:b1
  • ISC BIND 9.4.3
    cpe:2.3:a:isc:bind:9.4.3
  • ISC BIND 9.4.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.2:rc2
  • ISC BIND 9.4.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.4.2:rc1
  • ISC BIND 9.4.2
    cpe:2.3:a:isc:bind:9.4.2
  • ISC BIND 9.4.1
    cpe:2.3:a:isc:bind:9.4.1
  • ISC BIND 9.4.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.0:rc2
  • ISC BIND 9.4.0rc1
    cpe:2.3:a:isc:bind:9.4.0:rc1
  • ISC BIND 9.4.0 Beta 4
    cpe:2.3:a:isc:bind:9.4.0:b4
  • ISC BIND 9.4.0 Beta 3
    cpe:2.3:a:isc:bind:9.4.0:b3
  • ISC BIND 9.4.0 Beta 2
    cpe:2.3:a:isc:bind:9.4.0:b2
  • ISC BIND 9.4.0 Beta 1
    cpe:2.3:a:isc:bind:9.4.0:b1
  • ISC BIND 9.4.0 Alpha 6
    cpe:2.3:a:isc:bind:9.4.0:a6
  • ISC BIND 9.4.0 Alpha 5
    cpe:2.3:a:isc:bind:9.4.0:a5
  • ISC BIND 9.4.0 Alpha 4
    cpe:2.3:a:isc:bind:9.4.0:a4
  • ISC BIND 9.4.0 Alpha 3
    cpe:2.3:a:isc:bind:9.4.0:a3
  • ISC BIND 9.4.0 Alpha 2
    cpe:2.3:a:isc:bind:9.4.0:a2
  • ISC BIND 9.4.0 Alpha 1
    cpe:2.3:a:isc:bind:9.4.0:a1
  • ISC BIND 9.4.0
    cpe:2.3:a:isc:bind:9.4.0
  • ISC BIND 9.4 Release 5 Release Candidate 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-rc1:-:-:esv
  • ISC BIND 9.4 Release 5 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-b1:-:-:esv
  • ISC BIND 9.4 Release 5 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5:-:-:esv
  • ISC BIND 9.4 Release 4 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4-p1:-:-:esv
  • ISC BIND 9.4 Release 4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4:-:-:esv
  • ISC BIND 9.4 Release 3 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r3:-:-:esv
  • ISC BIND 9.4 Release 2 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r2:-:-:esv
  • ISC BIND 9.4 Release 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r1:-:-:esv
  • ISC BIND 9.4 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:b1:-:-:esv
  • ISC BIND 9.4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:-:-:-:esv
  • ISC BIND 9.4
    cpe:2.3:a:isc:bind:9.4
  • ISC BIND 9.3.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.6:rc1
  • ISC BIND 9.3.6
    cpe:2.3:a:isc:bind:9.3.6
  • ISC BIND 9.3.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.5:rc2
  • ISC BIND 9.3.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.5:rc1
  • ISC BIND 9.3.5
    cpe:2.3:a:isc:bind:9.3.5
  • ISC BIND 9.3.4
    cpe:2.3:a:isc:bind:9.3.4
  • ISC BIND 9.3.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.3:rc3
  • ISC BIND 9.3.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.3:rc2
  • ISC BIND 9.3.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.3:rc1
  • ISC BIND 9.3.3
    cpe:2.3:a:isc:bind:9.3.3
  • ISC BIND 9.3.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.2:rc1
  • ISC BIND 9.3.2
    cpe:2.3:a:isc:bind:9.3.2
  • ISC BIND 9.3.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.1:rc1
  • ISC BIND 9.3.1 Beta 2
    cpe:2.3:a:isc:bind:9.3.1:b2
  • ISC BIND 9.3.1
    cpe:2.3:a:isc:bind:9.3.1
  • ISC BIND 9.3.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.3.0:rc4
  • ISC BIND 9.3.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.0:rc3
  • ISC BIND 9.3.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.0:rc2
  • ISC BIND 9.3.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.0:rc1
  • ISC BIND 9.3.0 Beta 4
    cpe:2.3:a:isc:bind:9.3.0:b4
  • ISC BIND 9.3.0 Beta 3
    cpe:2.3:a:isc:bind:9.3.0:b3
  • ISC BIND 9.3.0 Beta 2
    cpe:2.3:a:isc:bind:9.3.0:b2
  • ISC BIND 9.3.0
    cpe:2.3:a:isc:bind:9.3.0
  • ISC BIND 9.3
    cpe:2.3:a:isc:bind:9.3
  • ISC BIND 9.2.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.9:rc1
  • ISC BIND 9.2.9
    cpe:2.3:a:isc:bind:9.2.9
  • ISC BIND 9.2.8
    cpe:2.3:a:isc:bind:9.2.8
  • ISC BIND 9.2.7 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.7:rc3
  • ISC BIND 9.2.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.7:rc2
  • ISC BIND 9.2.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.7:rc1
  • ISC BIND 9.2.7
    cpe:2.3:a:isc:bind:9.2.7
  • ISC BIND 9.2.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.6:rc1
  • ISC BIND 9.2.6
    cpe:2.3:a:isc:bind:9.2.6
  • ISC BIND 9.2.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.5:rc1
  • ISC BIND 9.2.5 Beta 2
    cpe:2.3:a:isc:bind:9.2.5:b2
  • ISC BIND 9.2.5
    cpe:2.3:a:isc:bind:9.2.5
  • ISC BIND 9.2.4 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.4:rc8
  • ISC BIND 9.2.4 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.4:rc7
  • ISC BIND 9.2.4 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.4:rc6
  • ISC BIND 9.2.4 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.4:rc5
  • ISC BIND 9.2.4 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.4:rc4
  • ISC BIND 9.2.4 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.4:rc3
  • ISC BIND 9.2.4 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.4:rc2
  • ISC BIND 9.2.4
    cpe:2.3:a:isc:bind:9.2.4
  • ISC BIND 9.2.3 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.3:rc4
  • ISC BIND 9.2.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.3:rc3
  • ISC BIND 9.2.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.3:rc2
  • ISC BIND 9.2.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.3:rc1
  • ISC BIND 9.2.3
    cpe:2.3:a:isc:bind:9.2.3
  • ISC BIND 9.2.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.2:rc1
  • ISC BIND 9.2.2 P3
    cpe:2.3:a:isc:bind:9.2.2:p3
  • ISC BIND 9.2.2 Patch 2
    cpe:2.3:a:isc:bind:9.2.2:p2
  • ISC BIND 9.2.2
    cpe:2.3:a:isc:bind:9.2.2
  • ISC BIND 9.2.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.1:rc2
  • ISC BIND 9.2.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.1:rc1
  • ISC BIND 9.2.1
    cpe:2.3:a:isc:bind:9.2.1
  • ISC BIND 9.2.0 Release Candidate 9
    cpe:2.3:a:isc:bind:9.2.0:rc9
  • ISC BIND 9.2.0 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.0:rc8
  • ISC BIND 9.2.0 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.0:rc7
  • ISC BIND 9.2.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.0:rc6
  • ISC BIND 9.2.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.0:rc5
  • ISC BIND 9.2.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.0:rc4
  • ISC BIND 9.2.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.0:rc3
  • ISC BIND 9.2.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.0:rc2
  • ISC BIND 9.2.0 Release Candidate 10
    cpe:2.3:a:isc:bind:9.2.0:rc10
  • ISC BIND 9.2.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.0:rc1
  • ISC BIND 9.2.0 Beta 2
    cpe:2.3:a:isc:bind:9.2.0:b2
  • ISC BIND 9.2.0 Beta 1
    cpe:2.3:a:isc:bind:9.2.0:b1
  • ISC BIND 9.2.0 Alpha 3
    cpe:2.3:a:isc:bind:9.2.0:a3
  • ISC BIND 9.2.0 Alpha 2
    cpe:2.3:a:isc:bind:9.2.0:a2
  • ISC BIND 9.2.0 Alpha 1
    cpe:2.3:a:isc:bind:9.2.0:a1
  • ISC BIND 9.2.0
    cpe:2.3:a:isc:bind:9.2.0
  • ISC BIND 9.2
    cpe:2.3:a:isc:bind:9.2
  • ISC BIND 9.1.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.3:rc3
  • ISC BIND 9.1.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.3:rc2
  • ISC BIND 9.1.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.3:rc1
  • ISC BIND 9.1.3
    cpe:2.3:a:isc:bind:9.1.3
  • ISC BIND 9.1.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.2:rc1
  • ISC BIND 9.1.2
    cpe:2.3:a:isc:bind:9.1.2
  • ISC BIND 9.1.1 Release Candidate 7
    cpe:2.3:a:isc:bind:9.1.1:rc7
  • ISC BIND 9.1.1 Release Candidate 6
    cpe:2.3:a:isc:bind:9.1.1:rc6
  • ISC BIND 9.1.1 Release Candidate 5
    cpe:2.3:a:isc:bind:9.1.1:rc5
  • ISC BIND 9.1.1 Release Candidate 4
    cpe:2.3:a:isc:bind:9.1.1:rc4
  • ISC BIND 9.1.1 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.1:rc3
  • ISC BIND 9.1.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.1:rc2
  • ISC BIND 9.1.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.1:rc1
  • ISC BIND 9.1.1
    cpe:2.3:a:isc:bind:9.1.1
  • ISC BIND 9.1.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.0:rc1
  • ISC BIND 9.1
    cpe:2.3:a:isc:bind:9.1
  • ISC BIND 9.0.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.1:rc2
  • ISC BIND 9.0.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.1:rc1
  • ISC BIND 9.0.1
    cpe:2.3:a:isc:bind:9.0.1
  • ISC BIND 9.0.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.0.0:rc6
  • ISC BIND 9.0.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.0.0:rc5
  • ISC BIND 9.0.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.0.0:rc4
  • ISC BIND 9.0.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.0.0:rc3
  • ISC BIND 9.0.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.0:rc2
  • ISC BIND 9.0.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.0:rc1
  • ISC BIND 9.0
    cpe:2.3:a:isc:bind:9.0
CVSS
Base: 7.8 (as of 24-08-2016 - 13:37)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2016-0055.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite - Fix (CVE-2016-1285, CVE-2016-1286) - Fix (CVE-2015-8704) - Fix (CVE-2015-8000) - Fix (CVE-2015-5722) - Fix (CVE-2015-5477) - Remove files backup after patching (Related: #1171971) - Fix CVE-2014-8500 (#1171971) - fix race condition in socket module - fix (CVE-2012-5166) - bind-chroot-admin: set correct permissions on /etc/named.conf during update - fix (CVE-2012-4244) - fix (CVE-2012-3817) - fix (CVE-2012-1667) - fix (CVE-2012-1033)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 91739
    published 2016-06-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91739
    title OracleVM 3.2 : bind (OVMSA-2016-0055)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-8298.NASL
    description The bind nameserver was updated to version 9.6-ESV-R7-P3 to fix a single security problem, where loading a zone file could have caused an assertion (abort) of the named service. (CVE-2012-4244)
    last seen 2019-02-21
    modified 2013-02-11
    plugin id 62176
    published 2012-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62176
    title SuSE 10 Security Update : bind (ZYPP Patch Number 8298)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1267.NASL
    description Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) This update also fixes the following bug : * The bind-chroot-admin script, executed when upgrading the bind-chroot package, failed to correctly update the permissions of the /var/named/chroot/etc/named.conf file. Depending on the permissions of the file, this could have prevented named from starting after installing package updates. With this update, bind-chroot-admin correctly updates the permissions and ownership of the file. (BZ#857056) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62092
    published 2012-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62092
    title RHEL 5 : bind (RHSA-2012:1267)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_4B79538BA45011E29898001060E06FD4.NASL
    description Problem description : The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes. The BIND daemon would lock up when a query is made on specific combinations of RDATA.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 65967
    published 2013-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65967
    title FreeBSD : FreeBSD -- Multiple Denial of Service vulnerabilities with named(8) (4b79538b-a450-11e2-9898-001060e06fd4)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-615.NASL
    description A remote denial of service attack was fixed in the BIND DNS nameserver, which could be caused by attackers providing a specifically prepared zone file for recursive transfer. (CVE-2012-4244)
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 74757
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74757
    title openSUSE Security Update : bind (openSUSE-SU-2012:1192-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1267.NASL
    description Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) This update also fixes the following bug : * The bind-chroot-admin script, executed when upgrading the bind-chroot package, failed to correctly update the permissions of the /var/named/chroot/etc/named.conf file. Depending on the permissions of the file, this could have prevented named from starting after installing package updates. With this update, bind-chroot-admin correctly updates the permissions and ownership of the file. (BZ#857056) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62104
    published 2012-09-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62104
    title CentOS 5 : bind (CESA-2012:1267)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2547.NASL
    description It was discovered that BIND, a DNS server, does not handle DNS records properly which approach size limits inherent to the DNS protocol. An attacker could use crafted DNS records to crash the BIND server process, leading to a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62067
    published 2012-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62067
    title Debian DSA-2547-1 : bind9 - improper assert
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1266.NASL
    description Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind97 are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62103
    published 2012-09-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62103
    title CentOS 5 : bind97 (CESA-2012:1266)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-13922.NASL
    description Update to the 9.9.1-P3 security release. This update also fixes following issues : - bind now uses systemd-rpm macros for starting/restarting of the named daemon. (BZ#850045) - the NetworkManager dispatcher script contained wrong path to systemcl utility. (BZ#837173) - named-chroot.service systemd unit didn't work. (BZ#825869) - bind-devel package wasn't multilib clean. (BZ#478718) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 62227
    published 2012-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62227
    title Fedora 18 : bind-9.9.1-10.P3.fc18 (2012-13922)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1365.NASL
    description Description of changes: [20:9.2.4-38.0.2.el4] - fix CVE-2012-4244 (Adam Tkac) [orabz 14518] - fix CVE-2012-5166 (Adam Tkac) [orabz 14518]
    last seen 2019-01-03
    modified 2019-01-02
    plugin id 68642
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68642
    title Oracle Linux 4 : bind (ELSA-2012-1365)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL14201.NASL
    description A vulnerability exists in the BIND DNS server process that may allow a remote attacker to initiate a denial-of-service (DoS) attack against the DNS service.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78143
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78143
    title F5 Networks BIG-IP : BIND denial-of-service attack (SOL14201)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120914_BIND_ON_SL6_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 62173
    published 2012-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62173
    title Scientific Linux Security Update : bind on SL6.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-121015.NASL
    description The following issue has been fixed : - Specially crafted RDATA could have caused bind to lockup. This is a different flaw than CVE-2012-4244.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64115
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64115
    title SuSE 11.2 Security Update : bind (SAT Patch Number 6944)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1267.NASL
    description From Red Hat Security Advisory 2012:1267 : Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) This update also fixes the following bug : * The bind-chroot-admin script, executed when upgrading the bind-chroot package, failed to correctly update the permissions of the /var/named/chroot/etc/named.conf file. Depending on the permissions of the file, this could have prevented named from starting after installing package updates. With this update, bind-chroot-admin correctly updates the permissions and ownership of the file. (BZ#857056) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68624
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68624
    title Oracle Linux 5 : bind (ELSA-2012-1267)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-296.NASL
    description bind was updated to 9.8.4-P2 to fix security problems and bugs. Security Fixes Removed the check for regex.h in configure in order to disable regex syntax checking, as it exposes BIND to a critical flaw in libregex on some platforms. [CVE-2013-2266] [RT #32688] https://kb.isc.org/article/AA-00871 (bnc#811876) Prevents named from aborting with a require assertion failure on servers with DNS64 enabled. These crashes might occur as a result of specific queries that are received. (Note that this fix is a subset of a series of updates that will be included in full in BIND 9.8.5 and 9.9.3 as change #3388, RT #30996). [CVE-2012-5688] [RT #30792] A deliberately constructed combination of records could cause named to hang while populating the additional section of a response. [CVE-2012-5166] [RT #31090] Prevents a named assert (crash) when queried for a record whose RDATA exceeds 65535 bytes [CVE-2012-4244] [RT #30416] Prevents a named assert (crash) when validating caused by using 'Bad cache' data before it has been initialized. [CVE-2012-3817] [RT #30025] A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process. [CVE-2012-1667] [RT #29644] New Features Elliptic Curve Digital Signature Algorithm keys and signatures in DNSSEC are now supported per RFC 6605. [RT #21918] Feature Changes Improves OpenSSL error logging [RT #29932] nslookup now returns a nonzero exit code when it is unable to get an answer. [RT #29492] Bug Fixes Uses binary mode to open raw files on Windows. [RT #30944] Static-stub zones now accept 'forward' and 'fowarders' options (often needed for subdomains of the zone referenced to override global forwarding options). These options are already available with traditional stub zones and their omission from zones of type 'static-stub' was an inadvertent oversight. [RT #30482] Limits the TTL of signed RRsets in cache when their RRSIGs are approaching expiry. This prevents the persistence in cache of invalid RRSIGs in order to assist recovery from a situation where zone re-signing doesn't occur in a timely manner. With this change, named will attempt to obtain new RRSIGs from the authoritative server once the original ones have expired, and even if the TTL of the old records would in other circumstances cause them to be kept in cache for longer. [RT #26429] Corrects the syntax of isc_atomic_xadd() and isc_atomic_cmpxchg() which are employed on Itanium systems to speed up lock management by making use of atomic operations. Without the syntax correction it is possible that concurrent access to the same structures could accidentally occur with unpredictable results. [RT #25181] The configure script now supports and detects libxml2-2.8.x correctly [RT #30440] The host command should no longer assert on some architectures and builds while handling the time values used with the -w (wait forever) option. [RT #18723] Invalid zero settings for max-retry-time, min-retry-time, max-refresh-time, min-refresh-time will now be detected during parsing of named.conf and an error emitted instead of triggering an assertion failure on startup. [RT #27730] Removes spurious newlines from log messages in zone.c [RT #30675] When built with readline support (i.e. on a system with readline installed) nsupdate no longer terminates unexpectedly in interactive mode. [RT #29550] All named tasks that perform task-exclusive operations now share the same single task. Prior to this change, there was the possibility of a race condition between rndc operations and other functions such as re-sizing the adb hash table. If the race condition was encountered, named would in most cases terminate unexpectedly with an assert. [RT #29872] Ensures that servers are expired from the ADB cache when the timeout limit is reached so that their learned attributes can be refreshed. Prior to this change, servers that were frequently queried might never have their entries removed and reinitialized. This is of particular importance to DNSSEC-validating recursive servers that might erroneously set 'no-edns' for an authoritative server following a period of intermittent connectivity. [RT #29856] Adds additional resilience to a previous security change (3218) by preventing RRSIG data from being added to cache when a pseudo-record matching the covering type and proving non-existence exists at a higher trust level. The earlier change prevented this inconsistent data from being retrieved from cache in response to client queries - with this additional change, the RRSIG records are no longer inserted into cache at all. [RT #26809] dnssec-settime will now issue a warning when the writing of a new private key file would cause a change in the permissions of the existing file. [RT #27724] Fixes the defect introduced by change #3314 that was causing failures when saving stub zones to disk (resulting in excessive CPU usage in some cases). [RT #29952] It is now possible to using multiple control keys again - this functionality was inadvertently broken by change #3924 (RT #28265) which addressed a memory leak. [RT #29694] Setting resolver-query-timeout too low could cause named problems recovering after a loss of connectivity. [RT #29623] Reduces the potential build-up of stale RRsets in cache on a busy recursive nameserver by re-using cached DS and RRSIG rrsets when possible [RT #29446] Corrects a failure to authenticate non-existence of resource records in some circumstances when RPZ has been configured. Also : - adds an optional 'recursive-only yes|no' to the response-policy statement - adds an optional 'max-policy-ttl' to the response-policy statement to limit the false data that 'recursive-only no' can introduce into resolvers' caches - introduces a predefined encoding of PASSTHRU policy by adding 'rpz-passthru' to be used as the target of CNAME policy records (the old encoding is still accepted.) - adds a RPZ performance test to bin/tests/system/rpz when queryperf is available. [RT #26172] Upper-case/lower-case handling of RRSIG signer-names is now handled consistently: RRSIG records are generated with the signer-name in lower case. They are accepted with any case, but if they fail to validate, we try again in lower case. [RT #27451] - Update the IPv4 address of the D root name server.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 74953
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74953
    title openSUSE Security Update : bind (openSUSE-SU-2013:0605-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120914_BIND97_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind97 are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 62171
    published 2012-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62171
    title Scientific Linux Security Update : bind97 on SL5.x i386/x86_64
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2013-004.NASL
    description The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-004 applied. This update contains several security-related fixes for the following component : - Apache - Bind - Certificate Trust Policy - ClamAV - Installer - IPSec - Mobile Device Management - OpenSSL - PHP - PostgreSQL - QuickTime - sudo Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69878
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69878
    title Mac OS X Multiple Vulnerabilities (Security Update 2013-004)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1266.NASL
    description Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind97 are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62091
    published 2012-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62091
    title RHEL 5 : bind97 (RHSA-2012:1266)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2013-0001.NASL
    description a. VMware vSphere client-side authentication memory corruption vulnerability VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere Client or ESX to interact with a malicious server as a client. Exploitation of the issue may lead to code execution on the client system. To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2013-1405 to this issue. b. Update to ESX/ESXi libxml2 userworld and service console The ESX/ESXi userworld libxml2 library has been updated to resolve multiple security issues. Also, the ESX service console libxml2 packages are updated to the following versions : libxml2-2.6.26-2.1.15.el5_8.5 libxml2-python-2.6.26-2.1.15.el5_8.5 These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-3102 and CVE-2012-2807 to these issues. c. Update to ESX service console bind packages The ESX service console bind packages are updated to the following versions : bind-libs-9.3.6-20.P1.el5_8.2 bind-utils-9.3.6-20.P1.el5_8.2 These updates fix a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-4244 to this issue. d. Update to ESX service console libxslt package The ESX service console libxslt package is updated to version libxslt-1.1.17-4.el5_8.3 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, and CVE-2012-2871 to these issues.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 64642
    published 2013-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64642
    title VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1268.NASL
    description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 62093
    published 2012-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62093
    title RHEL 6 : bind (RHSA-2012:1268)
  • NASL family Misc.
    NASL id VMWARE_ESX_VMSA-2013-0001_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - Authentication Service - bind - libxml2 - libxslt
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 89661
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89661
    title VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0066.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 99569
    published 2017-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99569
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201209-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-201209-04 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND: Domain names are not properly revoked due to an error in the cache update policy (CVE-2012-1033). BIND accepts records with zero-length RDATA fields (CVE-2012-1667). An assertion failure from the failing-query cache could occur when DNSSEC validation is enabled (CVE-2012-3817). A memory leak may occur under high TCP query loads (CVE-2012-3868). An assertion error can occur when a query is performed for a record with RDATA greater than 65535 bytes (CVE-2012-4244). Impact : A remote attacker may be able to cause a Denial of Service condition or keep domain names resolvable after it has been deleted from registration. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 62237
    published 2012-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62237
    title GLSA-201209-04 : BIND: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-8322.NASL
    description The following issue has been fixed : - Specially crafted RDATA could have caused bind to lockup. A different flaw than CVE-2012-4244.
    last seen 2019-02-21
    modified 2013-02-11
    plugin id 62674
    published 2012-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62674
    title SuSE 10 Security Update : bind (ZYPP Patch Number 8322)
  • NASL family DNS
    NASL id BIND9_991_P3.NASL
    description According to its self-reported version number, the remote installation of BIND will exit with an assertion failure if a resource record with RDATA in excess of 65535 bytes is loaded and then subsequently queried. Note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually affected.
    last seen 2019-02-21
    modified 2018-09-17
    plugin id 62119
    published 2012-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62119
    title ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-124.NASL
    description A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69614
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69614
    title Amazon Linux AMI : bind (ALAS-2012-124)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_8_5.NASL
    description The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.5. The newer version contains multiple security-related fixes for the following components : - Apache - Bind - Certificate Trust Policy - CoreGraphics - ImageIO - Installer - IPSec - Kernel - Mobile Device Management - OpenSSL - PHP - PostgreSQL - Power Management - QuickTime - Screen Lock - sudo This update also addresses an issue in which certain Unicode strings could cause applications to unexpectedly quit. Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69877
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69877
    title Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1268.NASL
    description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62126
    published 2012-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62126
    title CentOS 6 : bind (CESA-2012:1268)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1566-1.NASL
    description It was discovered that Bind incorrectly handled certain specially crafted long resource records. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 62098
    published 2012-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62098
    title Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : bind9 vulnerability (USN-1566-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120914_BIND_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) This update also fixes the following bug : - The bind-chroot-admin script, executed when upgrading the bind-chroot package, failed to correctly update the permissions of the /var/named/chroot/etc/named.conf file. Depending on the permissions of the file, this could have prevented named from starting after installing package updates. With this update, bind-chroot-admin correctly updates the permissions and ownership of the file. Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 62172
    published 2012-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62172
    title Scientific Linux Security Update : bind on SL5.x i386/x86_64
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2012-152.NASL
    description A vulnerability was discovered and corrected in bind : A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record (CVE-2012-4244). The updated packages have been upgraded to bind 9.7.6-P3 which is not vulnerable to this issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 62401
    published 2012-10-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62401
    title Mandriva Linux Security Advisory : bind (MDVSA-2012:152-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-14106.NASL
    description Update to the 9.9.1-P3 security release. This update also fixes following issues : - named NetworkManager dispatcher script contained wrong path to systemcl utility. (BZ#837173) - named-chroot.service unit didn't work properly. (BZ#825869) - bind-devel package wasn't multilib clean. (BZ#478718) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 62228
    published 2012-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62228
    title Fedora 17 : bind-9.9.1-9.P3.fc17 (2012-14106)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_BIND_20130129.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. (CVE-2012-4244)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80594
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80594
    title Oracle Solaris Third-Party Patch Update : bind (cve_2012_4244_denial_of)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1266.NASL
    description From Red Hat Security Advisory 2012:1266 : Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind97 are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68623
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68623
    title Oracle Linux 5 : bind97 (ELSA-2012-1266)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-14030.NASL
    description Update to the 9.8.3-P3 security release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 62325
    published 2012-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62325
    title Fedora 16 : bind-9.8.3-4.P3.fc16 (2012-14030)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-120916.NASL
    description The bind nameserver was updated to version 9.6-ESV-R7-P3 to fix a single security problem, where loading a zone file could have caused an assertion (abort) of the named service. (CVE-2012-4244)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64114
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64114
    title SuSE 11.2 Security Update : bind (SAT Patch Number 6830)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1268.NASL
    description From Red Hat Security Advisory 2012:1268 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68625
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68625
    title Oracle Linux 6 : bind (ELSA-2012-1268)
redhat via4
advisories
  • bugzilla
    id 856754
    title CVE-2012-4244 bind: specially crafted resource record causes named to exit
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment bind97 is earlier than 32:9.7.0-10.P2.el5_8.3
          oval oval:com.redhat.rhsa:tst:20121266002
        • comment bind97 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845003
      • AND
        • comment bind97-chroot is earlier than 32:9.7.0-10.P2.el5_8.3
          oval oval:com.redhat.rhsa:tst:20121266006
        • comment bind97-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845005
      • AND
        • comment bind97-devel is earlier than 32:9.7.0-10.P2.el5_8.3
          oval oval:com.redhat.rhsa:tst:20121266004
        • comment bind97-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845007
      • AND
        • comment bind97-libs is earlier than 32:9.7.0-10.P2.el5_8.3
          oval oval:com.redhat.rhsa:tst:20121266010
        • comment bind97-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845009
      • AND
        • comment bind97-utils is earlier than 32:9.7.0-10.P2.el5_8.3
          oval oval:com.redhat.rhsa:tst:20121266008
        • comment bind97-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845011
    rhsa
    id RHSA-2012:1266
    released 2012-09-14
    severity Important
    title RHSA-2012:1266: bind97 security update (Important)
  • bugzilla
    id 857056
    title bind-chroot-admin changes /etc/named.conf owhership but doesn't change it's perms
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment bind is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267002
        • comment bind is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057003
      • AND
        • comment bind-chroot is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267006
        • comment bind-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057005
      • AND
        • comment bind-devel is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267016
        • comment bind-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057007
      • AND
        • comment bind-libbind-devel is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267012
        • comment bind-libbind-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057015
      • AND
        • comment bind-libs is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267008
        • comment bind-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057017
      • AND
        • comment bind-sdb is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267014
        • comment bind-sdb is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057009
      • AND
        • comment bind-utils is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267010
        • comment bind-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057011
      • AND
        • comment caching-nameserver is earlier than 30:9.3.6-20.P1.el5_8.4
          oval oval:com.redhat.rhsa:tst:20121267004
        • comment caching-nameserver is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057013
    rhsa
    id RHSA-2012:1267
    released 2012-09-14
    severity Important
    title RHSA-2012:1267: bind security and bug fix update (Important)
  • bugzilla
    id 856754
    title CVE-2012-4244 bind: specially crafted resource record causes named to exit
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment bind is earlier than 32:9.8.2-0.10.rc1.el6_3.3
          oval oval:com.redhat.rhsa:tst:20121268005
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651006
      • AND
        • comment bind-chroot is earlier than 32:9.8.2-0.10.rc1.el6_3.3
          oval oval:com.redhat.rhsa:tst:20121268007
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651014
      • AND
        • comment bind-devel is earlier than 32:9.8.2-0.10.rc1.el6_3.3
          oval oval:com.redhat.rhsa:tst:20121268013
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651016
      • AND
        • comment bind-libs is earlier than 32:9.8.2-0.10.rc1.el6_3.3
          oval oval:com.redhat.rhsa:tst:20121268009
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651012
      • AND
        • comment bind-sdb is earlier than 32:9.8.2-0.10.rc1.el6_3.3
          oval oval:com.redhat.rhsa:tst:20121268015
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651010
      • AND
        • comment bind-utils is earlier than 32:9.8.2-0.10.rc1.el6_3.3
          oval oval:com.redhat.rhsa:tst:20121268011
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651008
    rhsa
    id RHSA-2012:1268
    released 2012-09-14
    severity Important
    title RHSA-2012:1268: bind security update (Important)
  • rhsa
    id RHSA-2012:1365
rpms
  • bind97-32:9.7.0-10.P2.el5_8.3
  • bind97-chroot-32:9.7.0-10.P2.el5_8.3
  • bind97-devel-32:9.7.0-10.P2.el5_8.3
  • bind97-libs-32:9.7.0-10.P2.el5_8.3
  • bind97-utils-32:9.7.0-10.P2.el5_8.3
  • bind-30:9.3.6-20.P1.el5_8.4
  • bind-chroot-30:9.3.6-20.P1.el5_8.4
  • bind-devel-30:9.3.6-20.P1.el5_8.4
  • bind-libbind-devel-30:9.3.6-20.P1.el5_8.4
  • bind-libs-30:9.3.6-20.P1.el5_8.4
  • bind-sdb-30:9.3.6-20.P1.el5_8.4
  • bind-utils-30:9.3.6-20.P1.el5_8.4
  • caching-nameserver-30:9.3.6-20.P1.el5_8.4
  • bind-32:9.8.2-0.10.rc1.el6_3.3
  • bind-chroot-32:9.8.2-0.10.rc1.el6_3.3
  • bind-devel-32:9.8.2-0.10.rc1.el6_3.3
  • bind-libs-32:9.8.2-0.10.rc1.el6_3.3
  • bind-sdb-32:9.8.2-0.10.rc1.el6_3.3
  • bind-utils-32:9.8.2-0.10.rc1.el6_3.3
refmap via4
apple APPLE-SA-2013-09-12-1
bid 55522
confirm
debian DSA-2547
fedora
  • FEDORA-2012-13922
  • FEDORA-2012-14030
  • FEDORA-2012-14106
hp
  • HPSBOV03226
  • SSRT101004
mandriva MDVSA-2012:152
secunia
  • 50560
  • 50579
  • 50582
  • 50645
  • 50673
  • 51096
suse
  • SUSE-SU-2012:1199
  • SUSE-SU-2012:1333
  • openSUSE-SU-2012:1192
ubuntu USN-1566-1
vmware via4
description The ESX service console bind packages are updated to the following versions: bind-libs-9.3.6-20.P1.el5_8.2bind-utils-9.3.6-20.P1.el5_8.2
id VMSA-2013-0001
last_updated 2013-05-30T00:00:00
published 2013-01-31T00:00:00
title Update to ESX service console bind packages
Last major update 06-12-2016 - 22:00
Published 14-09-2012 - 06:33
Back to Top