Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69804
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:0926
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0926.

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named)
a resolver
library (routines for applications to use when interfacing with DNS)
and
tools for verifying that the DNS server is operating correctly.

A flaw was discovered in the way BIND handled certain DNS requests. A
remote attacker could use this flaw to send a specially-crafted DNS request
packet to BIND, causing it to exit unexpectedly due to a failed assertion.
(CVE-2011-2464)

Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat
Enterprise Linux 6, are advised to upgrade to these updated packages, which
resolve this issue. After installing the update, the BIND daemon (named)
will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0926.html
http://www.isc.org/software/bind/advisories/cve-2011-2464

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-2464
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
BugTraq ID: 48566
http://www.securityfocus.com/bid/48566
Bugtraq: 20110705 Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers (Google Search)
http://www.securityfocus.com/archive/1/518749/100/0/threaded
CERT/CC vulnerability note: VU#142646
http://www.kb.cert.org/vuls/id/142646
Debian Security Information: DSA-2272 (Google Search)
http://www.debian.org/security/2011/dsa-2272
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html
HPdes Security Advisory: HPSBUX02719
http://marc.info/?l=bugtraq&m=131983337229394&w=2
HPdes Security Advisory: SSRT100658
http://www.mandriva.com/security/advisories?name=MDVSA-2011:115
http://osvdb.org/73605
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13997
http://www.redhat.com/support/errata/RHSA-2011-0926.html
http://www.securitytracker.com/id?1025742
http://secunia.com/advisories/45082
http://secunia.com/advisories/45089
http://secunia.com/advisories/45143
http://secunia.com/advisories/45177
http://secunia.com/advisories/45185
http://secunia.com/advisories/45223
http://secunia.com/advisories/45410
http://secunia.com/advisories/45412
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.377171
SuSE Security Announcement: SUSE-SA:2011:029 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html
SuSE Security Announcement: SUSE-SU-2011:0759 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00004.html
SuSE Security Announcement: openSUSE-SU-2011:0788 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00006.html
https://www.ubuntu.com/usn/USN-1163-1/
XForce ISS Database: iscbind-update-dos(68375)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68375
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.