Lucene search
RedHatRHSA-2017:1105HistoryApr 20, 2017 - 8:30 a.m.
(RHSA-2017:1105) Important: bind security update
2017-04-2008:30:27
access.redhat.com
49
0.191 Low
EPSS
Percentile
96.3%
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
-
A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3137)
-
A denial of service flaw was found in the way BIND handled query requests when using DNS64 with “break-dnssec yes” option. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3136)
Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Oleg Gorokhov (Yandex) as the original reporter of CVE-2017-3136.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | i686 | bind-sdb | < 9.8.2-0.62.rc1.el6_9.1 | bind-sdb-9.8.2-0.62.rc1.el6_9.1.i686.rpm |
| RedHat | 6 | i686 | bind-debuginfo | < 9.8.2-0.62.rc1.el6_9.1 | bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm |
| RedHat | 6 | s390x | bind-sdb | < 9.8.2-0.62.rc1.el6_9.1 | bind-sdb-9.8.2-0.62.rc1.el6_9.1.s390x.rpm |
| RedHat | 6 | i686 | bind | < 9.8.2-0.62.rc1.el6_9.1 | bind-9.8.2-0.62.rc1.el6_9.1.i686.rpm |
| RedHat | 6 | s390x | bind | < 9.8.2-0.62.rc1.el6_9.1 | bind-9.8.2-0.62.rc1.el6_9.1.s390x.rpm |
| RedHat | 6 | x86_64 | bind-devel | < 9.8.2-0.62.rc1.el6_9.1 | bind-devel-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm |
| RedHat | 6 | i686 | bind-chroot | < 9.8.2-0.62.rc1.el6_9.1 | bind-chroot-9.8.2-0.62.rc1.el6_9.1.i686.rpm |
| RedHat | 6 | x86_64 | bind | < 9.8.2-0.62.rc1.el6_9.1 | bind-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm |
| RedHat | 6 | x86_64 | bind-utils | < 9.8.2-0.62.rc1.el6_9.1 | bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm |
| RedHat | 6 | ppc | bind-devel | < 9.8.2-0.62.rc1.el6_9.1 | bind-devel-9.8.2-0.62.rc1.el6_9.1.ppc.rpm |
Related
nessus
nessus
Oracle Linux 6 : bind (ELSA-2017-1105)
2017-04-21 00:00:00
Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20170420)
2017-04-21 00:00:00
Scientific Linux Security Update : bind on SL7.x x86_64 (20170419)
2017-04-20 00:00:00
openvas
openvas
CentOS Update for bind CESA-2017:1105 centos6
2017-04-21 00:00:00
CentOS Update for bind CESA-2017:1095 centos7
2017-04-20 00:00:00
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2017-1077)
2020-01-23 00:00:00
amazon
amazon
Important: bind
2017-04-27 00:07:00
redhat
redhat
(RHSA-2017:1095) Important: bind security update
2017-04-19 04:10:01
(RHSA-2017:1582) Important: bind security and bug fix update
2017-06-28 07:45:28
(RHSA-2017:1583) Important: bind security and bug fix update
2017-06-28 08:01:41
centos
centos
bind security update
2017-04-20 22:44:08
bind security update
2017-04-19 16:57:53
oraclelinux
oraclelinux
bind security update
2017-04-19 00:00:00
bind security update
2017-04-20 00:00:00
avleonov
avleonov
Adding third party nasl plugins to OpenVAS
2017-06-30 16:46:24
fedora
fedora
[SECURITY] Fedora 25 Update: bind-9.10.4-4.P8.fc25
2017-04-19 09:32:38
[SECURITY] Fedora 25 Update: bind99-9.9.9-4.P8.fc25
2017-04-19 09:32:40
[SECURITY] Fedora 24 Update: bind99-9.9.9-4.P8.fc24
2017-05-06 23:52:20
osv
osv
bind9 - security update
2017-05-14 00:00:00
bind9 - security update
2017-05-28 00:00:00
CVE-2017-3137
2019-01-16 20:29:00
slackware
slackware
[slackware-security] bind
2017-04-13 21:28:31
debian
debian
[SECURITY] [DSA 3854-1] bind9 security update
2017-05-14 17:47:46
[SECURITY] [DLA 957-1] bind9 security update
2017-05-28 13:21:05
[SECURITY] [DSA 3854-1] bind9 security update
2017-05-14 17:47:46
altlinux
altlinux
Security fix for the ALT Linux 9 package bind version 9.10.4.P8-alt1
2017-04-12 00:00:00
Security fix for the ALT Linux 8 package bind version 9.10.4.P8-alt1
2017-04-12 00:00:00
ubuntu
ubuntu
Bind vulnerabilities
2017-04-17 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in OpenSource ISC Bind affects IBM Netezza Host Management
2019-10-18 03:10:29
Security Bulletin: IBM i is affected by networking BIND vulnerabilities (CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138)
2019-12-18 14:26:38
Security Bulletin: Vulnerabilities in Bind affect PowerKVM
2018-06-18 01:36:01
freebsd
freebsd
BIND -- multiple vulnerabilities
2017-04-12 00:00:00
cisa
cisa
ISC Releases Security Updates for BIND
2017-04-12 00:00:00
cloudfoundry
cloudfoundry
USN-3259-1: Bind vulnerabilities | Cloud Foundry
2017-05-01 00:00:00
archlinux
archlinux
[ASA-201704-11] bind: denial of service
2017-04-29 00:00:00
suse
suse
Security update for bind (important)
2017-04-13 06:10:58
Security update for bind (important)
2017-04-18 06:09:37
Security update for bind (important)
2017-04-13 06:09:37
nvd
nvd
f5
f5
K30164784 : BIND vulnerability CVE-2017-3137
2017-04-26 00:00:00
K43084130 : BIND vulnerability CVE-2018-5735
2018-03-06 00:00:00
K23598445 : BIND vulnerabilities CVE-2017-3136 and CVE-2017-3138
2017-04-24 00:00:00
checkpoint_advisories
checkpoint_advisories
ubuntucve
ubuntucve
alpinelinux
alpinelinux
CVE-2017-3136
2019-01-16 20:29:00
CVE-2017-3137
2019-01-16 20:29:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:16:55
Denial Of Service (DoS)
2019-01-17 05:20:33
debiancve
debiancve
prion
prion
Code injection
2019-01-16 20:29:00
Design/Logic Flaw
2019-01-16 20:29:00
Authentication flaw
2019-10-30 14:15:00
cve
cve
redhatcve
redhatcve
cvelist
cvelist
attackerkb
attackerkb
gentoo
gentoo
BIND: Multiple vulnerabilities
2017-08-17 00:00:00
mageia
mageia
Updated bind packages fix security vulnerability
2017-12-31 15:00:06