Date: Sat, 1 Oct 2011 12:35:08 +0700 From: budsz <budiyt@gmail.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-11:03.bind Message-ID: <CADM2n7gnnQJ2A2TB4=SpWEMOpZu07MBFpn_rSFLyep_ZHwrZFg@mail.gmail.com> In-Reply-To: <201109280905.p8S95pmZ098559@freefall.freebsd.org> References: <201109280905.p8S95pmZ098559@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 28, 2011 at 4:05 PM, FreeBSD Security Advisories <security-advisories@freebsd.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ============================================================================= > FreeBSD-SA-11:03.bind Security Advisory > The FreeBSD Project > > Topic: Remote packet Denial of Service against named(8) servers > > Category: contrib > Module: bind > Announced: 2011-09-28 > Credits: Roy Arends > Affects: 8.2-STABLE after 2011-05-28 and prior to the correction date > Corrected: 2011-07-06 00:50:54 UTC (RELENG_8, 8.2-STABLE) > CVE Name: CVE-2011-2464 > > Note: This advisory concerns a vulnerability which existed only in > the FreeBSD 8-STABLE branch and was fixed over two months prior to the > date of this advisory. > > For general information regarding FreeBSD Security Advisories, > including descriptions of the fields above, security branches, and the > following sections, please visit <URL:http://security.FreeBSD.org/>. > > I. Background > > BIND 9 is an implementation of the Domain Name System (DNS) protocols. > The named(8) daemon is an Internet Domain Name Server. > > II. Problem Description > > A logic error in the BIND code causes the BIND daemon to accept bogus > data, which could cause the daemon to crash. > > III. Impact > > An attacker able to send traffic to the BIND daemon can cause it to > crash, resulting in a denial of service. > > IV. Workaround > > No workaround is available, but systems not running the BIND name server > are not affected. > > V. Solution > > Upgrade your vulnerable system to 8-STABLE dated after the correction > date. > > VI. Correction details > > The following list contains the revision numbers of each file that was > corrected in FreeBSD. > > CVS: > > Branch Revision > Path > - ------------------------------------------------------------------------- > RELENG_8 > src/contrib/bind9/lib/dns/message.c 1.3.2.3 > - ------------------------------------------------------------------------- > > Subversion: > > Branch/path > Revision > - ------------------------------------------------------------------------- > stable/8/ r223815 > - ------------------------------------------------------------------------- > > VII. References > > http://www.isc.org/software/bind/advisories/cve-2011-2464 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 > > The latest revision of this advisory is available at > http://security.FreeBSD.org/advisories/FreeBSD-SA-11:03.bind.asc > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.18 (FreeBSD) > > iEYEARECAAYFAk6C4CYACgkQFdaIBMps37LwQgCeIDVGsCWOLoVdmWogOOaPC1UG > 9G8AoJPlRbNmkEWMg7uoOYrvjWlRRdlK > =aUvD > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > Only updating to 8.X for solution? there is no patch for this advisory? Thank You -- budsz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADM2n7gnnQJ2A2TB4=SpWEMOpZu07MBFpn_rSFLyep_ZHwrZFg>