var-201301-0132
Vulnerability from variot
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. The following are affected: ISC BIND 9.8.0 through versions 9.8.4-P1 ISC BIND 9.9.0 through versions 9.9.2-P1. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: ISC BIND AAAA Record Lookup Handling Assertion Failure Vulnerability
SECUNIA ADVISORY ID: SA51969
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51969/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51969
RELEASE DATE: 2013-01-25
DISCUSS ADVISORY: http://secunia.com/advisories/51969/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51969/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51969
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). This can be exploited to trigger an assertion failure and terminate the named process.
Successful exploitation requires that both DNS64 and Response Policy Zones are configured and that A rewrite rules are maintained but not AAAA rewrite rules.
The vulnerability is reported in versions 9.8.0 through 9.8.4-P1 and 9.9.0 through 9.9.2-P1.
SOLUTION: As a workaround ensure that the RPZ contains a AAAA rewrite rule for every A rewrite rule. The vulnerability will be fixed in a beta version scheduled to be released on January 24, 2013.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Pories Ediansyah, Institut Teknologi Bandung.
ORIGINAL ADVISORY: http://www.isc.org/software/bind/advisories/cve-2012-5689 https://kb.isc.org/article/AA-00855
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-34
http://security.gentoo.org/
Severity: Normal Title: BIND: Denial of Service Date: January 29, 2014 Bugs: #437828, #446094, #453974, #463497, #478316, #483208, #498016 ID: 201401-34
Synopsis
Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.9.4_p2 >= 9.9.4_p2
Description
Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker may be able to cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.9.4_p2"
References
[ 1 ] CVE-2012-5166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5166 [ 2 ] CVE-2012-5688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688 [ 3 ] CVE-2012-5689 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5689 [ 4 ] CVE-2013-2266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2266 [ 5 ] CVE-2013-3919 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3919 [ 6 ] CVE-2013-4854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4854 [ 7 ] CVE-2014-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0591
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-34.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-2693-1 July 28, 2015
bind9 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network traffic.
Software Description: - bind9: Internet Domain Name Server
Details:
Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. (CVE-2015-5477)
Pories Ediansyah discovered that Bind incorrectly handled certain configurations involving DNS64. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-5689)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: bind9 1:9.9.5.dfsg-9ubuntu0.2
Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.4
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.12
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: bind security and enhancement update Advisory ID: RHSA-2013:0550-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0550.html Issue date: 2013-02-21 CVE Names: CVE-2012-5689 =====================================================================
- Summary:
Updated bind packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. DNS64 is used to automatically generate DNS records so IPv6 based clients can access IPv4 systems through a NAT64 server.
A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. (CVE-2012-5689)
This update also adds the following enhancement:
- Previously, it was impossible to configure the the maximum number of responses sent per second to one client. This allowed remote attackers to conduct traffic amplification attacks using DNS queries with spoofed source IP addresses. With this update, it is possible to use the new "rate-limit" configuration option in named.conf and configure the maximum number of queries which the server responds to. Refer to the BIND documentation for more details about the "rate-limit" option. (BZ#906312)
All bind users are advised to upgrade to these updated packages, which contain patches to correct this issue and add this enhancement. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
903417 - CVE-2012-5689 bind: denial of service when processing queries and with both DNS64 and RPZ enabled 906312 - bind: Backport Response Rate Limiting (DNS RRL) patch into Red Hat Enterprise Linux 6
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
i386: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-utils-9.8.2-0.17.rc1.el6.3.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
i386: bind-9.8.2-0.17.rc1.el6.3.i686.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm
x86_64: bind-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
x86_64: bind-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
i386: bind-9.8.2-0.17.rc1.el6.3.i686.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-utils-9.8.2-0.17.rc1.el6.3.i686.rpm
ppc64: bind-9.8.2-0.17.rc1.el6.3.ppc64.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.ppc64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc64.rpm bind-libs-9.8.2-0.17.rc1.el6.3.ppc.rpm bind-libs-9.8.2-0.17.rc1.el6.3.ppc64.rpm bind-utils-9.8.2-0.17.rc1.el6.3.ppc64.rpm
s390x: bind-9.8.2-0.17.rc1.el6.3.s390x.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.s390x.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.s390x.rpm bind-libs-9.8.2-0.17.rc1.el6.3.s390.rpm bind-libs-9.8.2-0.17.rc1.el6.3.s390x.rpm bind-utils-9.8.2-0.17.rc1.el6.3.s390x.rpm
x86_64: bind-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
i386: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc64.rpm bind-devel-9.8.2-0.17.rc1.el6.3.ppc.rpm bind-devel-9.8.2-0.17.rc1.el6.3.ppc64.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.17.rc1.el6.3.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.s390x.rpm bind-devel-9.8.2-0.17.rc1.el6.3.s390.rpm bind-devel-9.8.2-0.17.rc1.el6.3.s390x.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
i386: bind-9.8.2-0.17.rc1.el6.3.i686.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-utils-9.8.2-0.17.rc1.el6.3.i686.rpm
x86_64: bind-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm bind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm
i386: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm bind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5689.html https://access.redhat.com/security/updates/classification/#moderate http://www.isc.org/software/bind/advisories/cve-2012-5689
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRJnU0XlSAg2UNWIIRAqmKAJ9aw1xBPz0zvjWoO1dx8iwrf3KvTwCgh+FG AQqiP7kshwm4ZGsABl1I61k= =gqtc -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201301-0132", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "ubuntu linux", "scope": "eq", "trust": 1.6, "vendor": "canonical", "version": "15.04" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.6, "vendor": "canonical", "version": "14.04" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.6, "vendor": "canonical", "version": "12.04" }, { "model": "bind", "scope": "eq", "trust": 1.3, "vendor": "isc", "version": "9.8.4" }, { "model": "bind", "scope": "eq", "trust": 1.3, "vendor": "isc", "version": "9.9.2" }, { "model": "bind", "scope": "eq", "trust": 1.3, "vendor": "isc", "version": "9.9.1" }, { "model": "bind", "scope": "eq", "trust": 1.3, "vendor": "isc", "version": "9.9.0" }, { "model": "bind", "scope": "eq", "trust": 1.3, "vendor": "isc", "version": "9.8.3" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.0" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.4" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.1" }, { "model": "enterprise linux server eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.4.z" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.2" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.8.x to 9.8.4-p1" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.9.x to 9.9.2-p1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "15.04" }, { "model": "linux lts", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "14.04" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.8" }, { "model": "bind 9.9.2-p1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.9.1-p4", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.9.1-p3", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.9.1-p2", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.9.1-p1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.4-p1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.3-p4", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.3-p3", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.3-p2", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.3-p1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.1b1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.1-p1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.0-p4", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.0-p3", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.0-p2", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "bind 9.8.0-p1", "scope": null, "trust": 0.3, "vendor": "isc", "version": null }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "big-ip ltm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip ltm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip ltm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip gtm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip gtm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip gtm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip gtm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip gtm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip gtm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip gtm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip gtm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "6" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "aura experience portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura experience portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" } ], "sources": [ { "db": "BID", "id": "57556" }, { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "NVD", "id": "CVE-2012-5689" }, { "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4.z:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-5689" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Pories Ediansyah of Institut Teknologi Bandung", "sources": [ { "db": "BID", "id": "57556" } ], "trust": 0.3 }, "cve": "CVE-2012-5689", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.1, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2012-5689", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-5689", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201301-514", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "NVD", "id": "CVE-2012-5689" }, { "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. \nThe following are affected:\nISC BIND 9.8.0 through versions 9.8.4-P1\nISC BIND 9.9.0 through versions 9.9.2-P1. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nISC BIND AAAA Record Lookup Handling Assertion Failure Vulnerability\n\nSECUNIA ADVISORY ID:\nSA51969\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51969/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51969\n\nRELEASE DATE:\n2013-01-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51969/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51969/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51969\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in ISC BIND, which can be exploited\nby malicious people to cause a DoS (Denial of Service). This can be exploited\nto trigger an assertion failure and terminate the named process. \n\nSuccessful exploitation requires that both DNS64 and Response Policy\nZones are configured and that A rewrite rules are maintained but not\nAAAA rewrite rules. \n\nThe vulnerability is reported in versions 9.8.0 through 9.8.4-P1 and\n9.9.0 through 9.9.2-P1. \n\nSOLUTION:\nAs a workaround ensure that the RPZ contains a AAAA rewrite rule for\nevery A rewrite rule. The vulnerability will be fixed in a beta\nversion scheduled to be released on January 24, 2013. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Pories Ediansyah, Institut Teknologi Bandung. \n\nORIGINAL ADVISORY:\nhttp://www.isc.org/software/bind/advisories/cve-2012-5689\nhttps://kb.isc.org/article/AA-00855\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-34\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: BIND: Denial of Service\n Date: January 29, 2014\n Bugs: #437828, #446094, #453974, #463497, #478316, #483208, #498016\n ID: 201401-34\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in BIND, possibly resulting in\nDenial of Service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.9.4_p2 \u003e= 9.9.4_p2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in BIND. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker may be able to cause a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.9.4_p2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5166\n[ 2 ] CVE-2012-5688\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688\n[ 3 ] CVE-2012-5689\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5689\n[ 4 ] CVE-2013-2266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2266\n[ 5 ] CVE-2013-3919\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3919\n[ 6 ] CVE-2013-4854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4854\n[ 7 ] CVE-2014-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0591\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-34.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ============================================================================\nUbuntu Security Notice USN-2693-1\nJuly 28, 2015\n\nbind9 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nJonathan Foote discovered that Bind incorrectly handled certain TKEY\nqueries. \n(CVE-2015-5477)\n\nPories Ediansyah discovered that Bind incorrectly handled certain\nconfigurations involving DNS64. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-5689)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n bind9 1:9.9.5.dfsg-9ubuntu0.2\n\nUbuntu 14.04 LTS:\n bind9 1:9.9.5.dfsg-3ubuntu0.4\n\nUbuntu 12.04 LTS:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.12\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: bind security and enhancement update\nAdvisory ID: RHSA-2013:0550-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0550.html\nIssue date: 2013-02-21\nCVE Names: CVE-2012-5689 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix one security issue and add one enhancement\nare now available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly. \nDNS64 is used to automatically generate DNS records so IPv6 based clients\ncan access IPv4 systems through a NAT64 server. \n\nA flaw was found in the DNS64 implementation in BIND when using Response\nPolicy Zones (RPZ). If a remote attacker sent a specially-crafted query to\na named server that is using RPZ rewrite rules, named could exit\nunexpectedly with an assertion failure. Note that DNS64 support is not\nenabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement:\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers to\nconduct traffic amplification attacks using DNS queries with spoofed source\nIP addresses. With this update, it is possible to use the new \"rate-limit\"\nconfiguration option in named.conf and configure the maximum number of\nqueries which the server responds to. Refer to the BIND documentation for\nmore details about the \"rate-limit\" option. (BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n903417 - CVE-2012-5689 bind: denial of service when processing queries and with both DNS64 and RPZ enabled\n906312 - bind: Backport Response Rate Limiting (DNS RRL) patch into Red Hat Enterprise Linux 6\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\ni386:\nbind-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\ni386:\nbind-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.i686.rpm\n\nppc64:\nbind-9.8.2-0.17.rc1.el6.3.ppc64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.ppc64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc64.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.ppc.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.ppc64.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.17.rc1.el6.3.s390x.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.s390x.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.s390x.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.s390.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.s390x.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.ppc64.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.ppc.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.ppc64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.s390x.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.s390.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.s390x.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\ni386:\nbind-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.i686.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.17.rc1.el6.3.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6.3.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5689.html\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttp://www.isc.org/software/bind/advisories/cve-2012-5689\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRJnU0XlSAg2UNWIIRAqmKAJ9aw1xBPz0zvjWoO1dx8iwrf3KvTwCgh+FG\nAQqiP7kshwm4ZGsABl1I61k=\n=gqtc\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", "sources": [ { "db": "NVD", "id": "CVE-2012-5689" }, { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "BID", "id": "57556" }, { "db": "PACKETSTORM", "id": "119841" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "132857" }, { "db": "PACKETSTORM", "id": "120468" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-5689", "trust": 3.1 }, { "db": "ISC", "id": "AA-00855", "trust": 2.0 }, { "db": "SECUNIA", "id": "51969", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2013-001275", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201301-514", "trust": 0.6 }, { "db": "BID", "id": "57556", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "119841", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "124979", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132857", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120468", "trust": 0.1 } ], "sources": [ { "db": "BID", "id": "57556" }, { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "PACKETSTORM", "id": "119841" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "132857" }, { "db": "PACKETSTORM", "id": "120468" }, { "db": "NVD", "id": "CVE-2012-5689" }, { "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "id": "VAR-201301-0132", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.42858723 }, "last_update_date": "2023-12-18T11:02:03.409000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "CVE-2012-5689: BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ", "trust": 0.8, "url": "https://kb.isc.org/article/aa-00855/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001275" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.0 }, { "problemtype": "CWE-DesignError", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "NVD", "id": "CVE-2012-5689" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://kb.isc.org/article/aa-00855/" }, { "trust": 1.5, "url": "http://www.isc.org/software/bind/advisories/cve-2012-5689" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-2693-1" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2013-0550.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5689" }, { "trust": 0.8, "url": "http://jprs.jp/tech/security/2013-01-25-bind98-vuln-dns64-rpz.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5689" }, { "trust": 0.6, "url": "http://secunia.com/advisories/51969" }, { "trust": 0.4, "url": "https://kb.isc.org/article/aa-00855" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100170230" }, { "trust": 0.3, "url": "http://www.isc.org/products/bind/" }, { "trust": 0.3, "url": "http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14601.html?ref=rss" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5689" }, { "trust": 0.1, "url": "http://secunia.com/advisories/51969/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51969" }, { "trust": 0.1, "url": "http://secunia.com/advisories/51969/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0591" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3919" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3919" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5688" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5689" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201401-34.xml" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2266" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5688" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2266" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5166" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4854" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5166" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0591" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4854" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-9ubuntu0.2" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5477" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.4" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.12" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5689.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "https://access.redhat.com/knowledge/articles/11258" } ], "sources": [ { "db": "BID", "id": "57556" }, { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "PACKETSTORM", "id": "119841" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "132857" }, { "db": "PACKETSTORM", "id": "120468" }, { "db": "NVD", "id": "CVE-2012-5689" }, { "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "57556" }, { "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "db": "PACKETSTORM", "id": "119841" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "132857" }, { "db": "PACKETSTORM", "id": "120468" }, { "db": "NVD", "id": "CVE-2012-5689" }, { "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-01-24T00:00:00", "db": "BID", "id": "57556" }, { "date": "2013-01-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "date": "2013-01-25T05:11:42", "db": "PACKETSTORM", "id": "119841" }, { "date": "2014-01-30T01:18:39", "db": "PACKETSTORM", "id": "124979" }, { "date": "2015-07-29T01:00:31", "db": "PACKETSTORM", "id": "132857" }, { "date": "2013-02-21T22:46:26", "db": "PACKETSTORM", "id": "120468" }, { "date": "2013-01-25T12:00:46.087000", "db": "NVD", "id": "CVE-2012-5689" }, { "date": "2013-01-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-08-12T22:23:00", "db": "BID", "id": "57556" }, { "date": "2013-01-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001275" }, { "date": "2016-08-19T18:31:01.430000", "db": "NVD", "id": "CVE-2012-5689" }, { "date": "2013-01-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201301-514" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "132857" }, { "db": "PACKETSTORM", "id": "120468" }, { "db": "CNNVD", "id": "CNNVD-201301-514" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ISC BIND Service disruption in ( Violation of representation and named Terminate daemon ) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001275" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation", "sources": [ { "db": "CNNVD", "id": "CNNVD-201301-514" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.