===========================================================================
AUSCERT Security Bulletin

ASB-2011.0061
A number of vulnerabilities have been identified in BIND
3 August 2011
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              BIND
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
Impact/Access:        Denial of Service -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-2464 CVE-2011-1910
Member content until: Friday, September 2 2011
Reference:            ESB-2011.0694
                      ESB-2011.0568

OVERVIEW

A number of vulnerabilities have been identified in BIND prior to
versions BIND 9.6-ESV-R5 and 9.7.4. [1, 2]

IMPACT

The vendor has provided the following details regarding these
vulnerabilities:

"* named, set up to be a caching resolver, is vulnerable to a user
   querying a domain with very large resource record sets (RRSets)
   when trying to negatively cache the response. Due to an off-by-one
   error, caching the response could cause named to crash.
   [RT #24650] [CVE-2011-1910]

 * Change #2912 (see CHANGES) exposed a latent bug in the DNS message
   processing code that could allow certain UPDATE requests to crash
   named. [RT #24777] [CVE-2011-2464]" [1]

MITIGATION

The vendor recommends upgrading to the latest version of BIND. [1, 2]

REFERENCES

[1] BIND 9.7.4 is the current production release of BIND 9.7
    ftp://ftp.isc.org/isc/bind9/9.7.4/RELEASE-NOTES-BIND-9.7.4.html

[2] BIND 9.6-ESV-R5 is the current production release of BIND 9.6
    ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================