Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2011:1458
HistoryNov 18, 2011 - 1:24 p.m.

bind, caching security update

2011-11-1813:24:22
CentOS Project
lists.centos.org
55

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.104

Percentile

95.0%

JSON

CentOS Errata and Security Advisory CESA-2011:1458

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

A flaw was discovered in the way BIND handled certain DNS queries, which
caused it to cache an invalid record. A remote attacker could use this
flaw to send repeated queries for this invalid record, causing the
resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)

Users of bind are advised to upgrade to these updated packages, which
resolve this issue. After installing the update, the BIND daemon (named)
will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-November/080369.html
https://lists.centos.org/pipermail/centos-announce/2011-November/080370.html

Affected packages:
bind
bind-chroot
bind-devel
bind-libbind-devel
bind-libs
bind-sdb
bind-utils
caching-nameserver

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1458

OSVersionArchitecturePackageVersionFilename
CentOS5i386bind< 9.3.6-16.P1.el5_7.1bind-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386bind-chroot< 9.3.6-16.P1.el5_7.1bind-chroot-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386bind-devel< 9.3.6-16.P1.el5_7.1bind-devel-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386bind-libbind-devel< 9.3.6-16.P1.el5_7.1bind-libbind-devel-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386bind-libs< 9.3.6-16.P1.el5_7.1bind-libs-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386bind-sdb< 9.3.6-16.P1.el5_7.1bind-sdb-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386bind-utils< 9.3.6-16.P1.el5_7.1bind-utils-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5i386caching-nameserver< 9.3.6-16.P1.el5_7.1caching-nameserver-9.3.6-16.P1.el5_7.1.i386.rpm
CentOS5x86_64bind< 9.3.6-16.P1.el5_7.1bind-9.3.6-16.P1.el5_7.1.x86_64.rpm
CentOS5x86_64bind-chroot< 9.3.6-16.P1.el5_7.1bind-chroot-9.3.6-16.P1.el5_7.1.x86_64.rpm
Rows per page:
1-10 of 191

Related

nessus 39
debian 1
fedora 9
f5 2
openvas 55
oraclelinux 3
cve 2
cisa 1
centos 2
ubuntucve 1
nvd 2
redhat 3
suse 5
amazon 1
veracode 1
thn 1
securityvulns 3
prion 1
debiancve 1
freebsd 1
ubuntu 1
threatpost 1
freebsd_advisory 1
cvelist 1
cert 1
altlinux 4
gentoo 1
nessus
nessus
Oracle Linux 5 : bind97 (ELSA-2011-1459)
2013-07-12 00:00:00
ISC BIND 9 Query.c Logging Resolver Denial of Service
2011-11-17 00:00:00
F5 Networks BIG-IP : BIND vulnerability (SOL14204)
2014-10-10 00:00:00
debian
debian
[SECURITY] [DSA 2347-1] bind9 security update
2011-11-16 20:44:22
fedora
fedora
[SECURITY] Fedora 16 Update: bind-9.8.1-4.P1.fc16
2011-11-19 06:03:27
[SECURITY] Fedora 15 Update: bind-9.8.1-3.P1.fc15
2011-11-25 23:25:02
[SECURITY] Fedora 16 Update: bind-9.8.3-2.P1.fc16
2012-06-15 12:24:27
f5
f5
K14204 : BIND vulnerability CVE-2011-4313
2013-09-10 00:00:00
SOL14204 - BIND vulnerability CVE-2011-4313
2013-02-12 00:00:00
openvas
openvas
CentOS Update for bind97 CESA-2011:1459 centos5 x86_64
2012-07-30 00:00:00
FreeBSD Ports: bind96
2012-02-13 00:00:00
Debian Security Advisory DSA 2347-1 (bind9)
2012-02-11 00:00:00
oraclelinux
oraclelinux
bind97 security update
2011-11-17 00:00:00
bind security update
2011-11-29 00:00:00
bind security update
2011-11-17 00:00:00
cve
cve
CVE-2011-4313
2011-11-29 17:55:02
CVE-2011-4456
2022-10-03 16:15:13
cisa
cisa
Internet Systems Consortium Releases BIND-P1 Patches
2011-11-17 00:00:00
centos
centos
bind security update
2011-11-29 18:31:45
bind97 security update
2011-11-18 13:25:41
ubuntucve
ubuntucve
CVE-2011-4313
2011-11-16 00:00:00
nvd
nvd
CVE-2011-4313
2011-11-29 17:55:02
CVE-2011-4456
2011-11-16 19:55:00
redhat
redhat
(RHSA-2011:1496) Important: bind security update
2011-11-29 00:00:00
(RHSA-2011:1459) Important: bind97 security update
2011-11-17 00:00:00
(RHSA-2011:1458) Important: bind security update
2011-11-17 00:00:00
suse
suse
Security update for bind (important)
2011-11-22 02:08:16
bind (important)
2011-11-22 13:08:45
Security update for bind (important)
2011-11-22 01:08:39
amazon
amazon
Important: bind
2011-11-30 21:59:00
veracode
veracode
Denial Of Service(DoS)
2020-04-10 01:04:31
thn
thn
Patches Released for BIND Denial-of-service Vulnerability
2011-11-17 21:43:00
securityvulns
securityvulns
[USN-1264-1] Bind vulnerability
2011-11-20 00:00:00
bind DNS server DoS
2011-11-20 00:00:00
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004
2012-09-24 00:00:00
prion
prion
Design/Logic Flaw
2011-11-29 17:55:00
debiancve
debiancve
CVE-2011-4313
2011-11-29 17:55:02
freebsd
freebsd
BIND -- Remote DOS
2011-11-16 00:00:00
ubuntu
ubuntu
Bind vulnerability
2011-11-16 00:00:00
threatpost
threatpost
New Flaw in BIND Causing Server Crashes
2011-11-16 19:29:10
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:06.bind
2011-12-23 00:00:00
cvelist
cvelist
CVE-2011-4313
2011-11-29 17:00:00
cert
cert
ISC BIND 9 resolver denial of service vulnerability
2011-11-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package bind version 9.3.6-alt7
2011-12-16 00:00:00
Security fix for the ALT Linux 8 package bind version 9.3.6-alt7
2011-12-16 00:00:00
Security fix for the ALT Linux 7 package bind version 9.3.6-alt7
2011-12-16 00:00:00
gentoo
gentoo
BIND: Multiple vulnerabilities
2012-06-02 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.104

Percentile

95.0%

JSON
Related for CESA-2011:1458
nessus39debian1fedora9f52openvas55oraclelinux3cve2cisa1centos2ubuntucve1nvd2redhat3suse5amazon1veracode1thn1securityvulns3prion1debiancve1freebsd1ubuntu1threatpost1freebsd_advisory1cvelist1cert1altlinux4gentoo1