|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 3854-1 (bind9 - security update)|
|Summary:||Several vulnerabilities were discovered in BIND, a DNS server;implementation. The Common Vulnerabilities and Exposures project;identifies the following problems:;;CVE-2017-3136;Oleg Gorokhov of Yandex discovered that BIND does not properly;handle certain queries when using DNS64 with the 'break-dnssec yes|
Several vulnerabilities were discovered in BIND, a DNS server
implementation. The Common Vulnerabilities and Exposures project
identifies the following problems:
Oleg Gorokhov of Yandex discovered that BIND does not properly
handle certain queries when using DNS64 with the 'break-dnssec yes
option, allowing a remote attacker to cause a denial-of-service.
It was discovered that BIND makes incorrect assumptions about the
ordering of records in the answer section of a response containing
CNAME or DNAME resource records, leading to situations where BIND
exits with an assertion failure. An attacker can take advantage of
this condition to cause a denial-of-service.
CVE-2017-3138Mike Lalumiere of Dyn, Inc. discovered that BIND can exit with a
REQUIRE assertion failure if it receives a null command string on
its control channel. Note that the fix applied in Debian is only
applied as a hardening measure.
bind9 on Debian Linux
For the stable distribution (jessie), these problems have been fixed in
For the unstable distribution (sid), these problems have been fixed in
We recommend that you upgrade your bind9 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2017-3136|
BugTraq ID: 97653
Debian Security Information: DSA-3854 (Google Search)
RedHat Security Advisories: RHSA-2017:1095
RedHat Security Advisories: RHSA-2017:1105
SuSE Security Announcement: openSUSE-SU-2020:1699 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1701 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2017-3137
BugTraq ID: 97651
RedHat Security Advisories: RHSA-2017:1582
RedHat Security Advisories: RHSA-2017:1583
Common Vulnerability Exposure (CVE) ID: CVE-2017-3138
BugTraq ID: 97657
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.