bind: denial of service
| Package(s): | bind | CVE #(s): | CVE-2014-3214 CVE-2014-8680 | ||||||||
| Created: | February 9, 2015 | Updated: | February 11, 2015 | ||||||||
| Description: | From the CVE entries:
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes. (CVE-2014-3214) The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options. (CVE-2014-8680) | ||||||||||
| Alerts: |
| ||||||||||