LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

bind9: denial of service

Package(s):bind9 CVE #(s):CVE-2012-4244
Created:September 13, 2012 Updated:October 15, 2012
Description:

From the Debian advisory:

It was discovered that BIND, a DNS server, does not handle DNS records properly which approach size limits inherent to the DNS protocol. An attacker could use crafted DNS records to crash the BIND server process, leading to a denial of service.

Alerts:
Debian DSA-2547-1 2012-09-12
Mandriva MDVSA-2012:152 2012-09-13
Ubuntu USN-1566-1 2012-09-13
CentOS CESA-2012:1267 2012-09-14
CentOS CESA-2012:1268 2012-09-14
CentOS CESA-2012:1266 2012-09-14
Red Hat RHSA-2012:1267-01 2012-09-14
Red Hat RHSA-2012:1268-01 2012-09-14
Red Hat RHSA-2012:1266-01 2012-09-14
Mageia MGASA-2012-0269 2012-09-13
Slackware SSA:2012-257-01 2012-09-13
Oracle ELSA-2012-1268 2012-09-14
Oracle ELSA-2012-1267 2012-09-14
Oracle ELSA-2012-1266 2012-09-14
Scientific Linux SL-bind-20120917 2012-09-17
Scientific Linux SL-bind-20120917 2012-09-17
Scientific Linux SL-bind-20120917 2012-09-17
openSUSE openSUSE-SU-2012:1192-1 2012-09-17
SUSE SUSE-SU-2012:1199-1 2012-09-18
Fedora FEDORA-2012-14106 2012-09-23
Gentoo 201209-04 2012-09-23
Fedora FEDORA-2012-14030 2012-09-27
Mandriva MDVSA-2012:152-1 2012-10-02
Red Hat RHSA-2012:1365-01 2012-10-12
SUSE SUSE-SU-2012:1333-1 2012-10-13
Oracle ELSA-2012-1365 2012-11-29
openSUSE openSUSE-SU-2013:0605-1 2013-04-03
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds