Veracode Vulnerability DatabaseVERACODE:11132Denial Of Service
EPSS
Percentile
97.1%
BIND is susceptible to denial of service. The vulnerability is possible because it does not properly handle resource records with a large RDATA value, allowing the attacker to create malicious DNS resource records causing recursive resolver or secondary server to exit unexpectedly with an assertion failure.
References
lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
lists.fedoraproject.org/pipermail/package-announce/2012-September/087697.html
lists.fedoraproject.org/pipermail/package-announce/2012-September/087703.html
lists.fedoraproject.org/pipermail/package-announce/2012-September/088381.html
lists.opensuse.org/opensuse-security-announce/2012-09/msg00021.html
lists.opensuse.org/opensuse-security-announce/2012-09/msg00022.html
lists.opensuse.org/opensuse-security-announce/2012-10/msg00007.html
marc.info/?l=bugtraq&m=141879471518471&w=2
rhn.redhat.com/errata/RHSA-2012-1266.html
rhn.redhat.com/errata/RHSA-2012-1267.html
rhn.redhat.com/errata/RHSA-2012-1268.html
rhn.redhat.com/errata/RHSA-2012-1365.html
secunia.com/advisories/50560
secunia.com/advisories/50579
secunia.com/advisories/50582
secunia.com/advisories/50645
secunia.com/advisories/50673
secunia.com/advisories/51096
support.apple.com/kb/HT5880
www.debian.org/security/2012/dsa-2547
www.isc.org/software/bind/advisories/cve-2012-4244
www.mandriva.com/security/advisories?name=MDVSA-2012:152
www.securityfocus.com/bid/55522
www.ubuntu.com/usn/USN-1566-1
access.redhat.com/security/updates/classification/#important
h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
kb.isc.org/article/AA-00778
rhn.redhat.com/errata/RHSA-2012-1266.html
security.netapp.com/advisory/ntap-20221209-0008/
Related
