FreeBSD Security Advisory FreeBSD-SA-11:03.bind
budsz
budiyt at gmail.com
Sat Oct 1 06:01:41 UTC 2011
On Wed, Sep 28, 2011 at 4:05 PM, FreeBSD Security Advisories
<security-advisories at freebsd.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> =============================================================================
> FreeBSD-SA-11:03.bind Security Advisory
> The FreeBSD Project
>
> Topic: Remote packet Denial of Service against named(8) servers
>
> Category: contrib
> Module: bind
> Announced: 2011-09-28
> Credits: Roy Arends
> Affects: 8.2-STABLE after 2011-05-28 and prior to the correction date
> Corrected: 2011-07-06 00:50:54 UTC (RELENG_8, 8.2-STABLE)
> CVE Name: CVE-2011-2464
>
> Note: This advisory concerns a vulnerability which existed only in
> the FreeBSD 8-STABLE branch and was fixed over two months prior to the
> date of this advisory.
>
> For general information regarding FreeBSD Security Advisories,
> including descriptions of the fields above, security branches, and the
> following sections, please visit <URL:http://security.FreeBSD.org/>.
>
> I. Background
>
> BIND 9 is an implementation of the Domain Name System (DNS) protocols.
> The named(8) daemon is an Internet Domain Name Server.
>
> II. Problem Description
>
> A logic error in the BIND code causes the BIND daemon to accept bogus
> data, which could cause the daemon to crash.
>
> III. Impact
>
> An attacker able to send traffic to the BIND daemon can cause it to
> crash, resulting in a denial of service.
>
> IV. Workaround
>
> No workaround is available, but systems not running the BIND name server
> are not affected.
>
> V. Solution
>
> Upgrade your vulnerable system to 8-STABLE dated after the correction
> date.
>
> VI. Correction details
>
> The following list contains the revision numbers of each file that was
> corrected in FreeBSD.
>
> CVS:
>
> Branch Revision
> Path
> - -------------------------------------------------------------------------
> RELENG_8
> src/contrib/bind9/lib/dns/message.c 1.3.2.3
> - -------------------------------------------------------------------------
>
> Subversion:
>
> Branch/path
> Revision
> - -------------------------------------------------------------------------
> stable/8/ r223815
> - -------------------------------------------------------------------------
>
> VII. References
>
> http://www.isc.org/software/bind/advisories/cve-2011-2464
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
>
> The latest revision of this advisory is available at
> http://security.FreeBSD.org/advisories/FreeBSD-SA-11:03.bind.asc
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.18 (FreeBSD)
>
> iEYEARECAAYFAk6C4CYACgkQFdaIBMps37LwQgCeIDVGsCWOLoVdmWogOOaPC1UG
> 9G8AoJPlRbNmkEWMg7uoOYrvjWlRRdlK
> =aUvD
> -----END PGP SIGNATURE-----
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
Only updating to 8.X for solution? there is no patch for this advisory?
Thank You
--
budsz
More information about the freebsd-security
mailing list