ALT-PU-2017-1076-1
Closed vulnerabilities
Published: 2015-07-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-5477
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
Severity: HIGH (7.8)
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718
- FEDORA-2015-12335
- FEDORA-2015-12335
- FEDORA-2015-12357
- FEDORA-2015-12357
- FEDORA-2015-12316
- FEDORA-2015-12316
- SUSE-SU-2015:1304
- SUSE-SU-2015:1304
- SUSE-SU-2015:1305
- SUSE-SU-2015:1305
- SUSE-SU-2015:1316
- SUSE-SU-2015:1316
- SUSE-SU-2015:1322
- SUSE-SU-2015:1322
- openSUSE-SU-2015:1326
- openSUSE-SU-2015:1326
- openSUSE-SU-2015:1335
- openSUSE-SU-2015:1335
- SUSE-SU-2016:0227
- SUSE-SU-2016:0227
- HPSBUX03400
- HPSBUX03400
- SSRT102211
- SSRT102211
- HPSBUX03410
- HPSBUX03410
- SSRT102175
- SSRT102175
- HPSBOV03506
- HPSBOV03506
- HPSBUX03511
- HPSBUX03511
- SSRT102248
- SSRT102248
- http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html
- http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html
- RHSA-2015:1513
- RHSA-2015:1513
- RHSA-2015:1514
- RHSA-2015:1514
- RHSA-2015:1515
- RHSA-2015:1515
- RHSA-2016:0078
- RHSA-2016:0078
- RHSA-2016:0079
- RHSA-2016:0079
- DSA-3319
- DSA-3319
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 76092
- 76092
- 1033100
- 1033100
- USN-2693-1
- USN-2693-1
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04789415
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04789415
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918
- https://kb.isc.org/article/AA-01272
- https://kb.isc.org/article/AA-01272
- https://kb.isc.org/article/AA-01305
- https://kb.isc.org/article/AA-01305
- https://kb.isc.org/article/AA-01306
- https://kb.isc.org/article/AA-01306
- https://kb.isc.org/article/AA-01307
- https://kb.isc.org/article/AA-01307
- https://kb.isc.org/article/AA-01438
- https://kb.isc.org/article/AA-01438
- https://kb.juniper.net/JSA10783
- https://kb.juniper.net/JSA10783
- https://kc.mcafee.com/corporate/index?page=content&id=SB10126
- https://kc.mcafee.com/corporate/index?page=content&id=SB10126
- GLSA-201510-01
- GLSA-201510-01
- https://security.netapp.com/advisory/ntap-20160114-0001/
- https://security.netapp.com/advisory/ntap-20160114-0001/
- https://support.apple.com/kb/HT205032
- https://support.apple.com/kb/HT205032
- 37721
- 37721
- 37723
- 37723
Published: 2015-09-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-5722
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
Severity: HIGH (7.8)
References:
- APPLE-SA-2015-10-21-8
- APPLE-SA-2015-10-21-8
- FEDORA-2015-15061
- FEDORA-2015-15061
- FEDORA-2015-15062
- FEDORA-2015-15062
- FEDORA-2015-14954
- FEDORA-2015-14954
- FEDORA-2015-15041
- FEDORA-2015-15041
- FEDORA-2015-14958
- FEDORA-2015-14958
- SUSE-SU-2015:1480
- SUSE-SU-2015:1480
- SUSE-SU-2015:1481
- SUSE-SU-2015:1481
- SUSE-SU-2015:1496
- SUSE-SU-2015:1496
- openSUSE-SU-2015:1597
- openSUSE-SU-2015:1597
- openSUSE-SU-2015:1667
- openSUSE-SU-2015:1667
- SUSE-SU-2016:0227
- SUSE-SU-2016:0227
- HPSBUX03511
- HPSBUX03511
- SSRT102248
- SSRT102248
- RHSA-2015:1705
- RHSA-2015:1705
- RHSA-2015:1706
- RHSA-2015:1706
- RHSA-2015:1707
- RHSA-2015:1707
- RHSA-2016:0078
- RHSA-2016:0078
- RHSA-2016:0079
- RHSA-2016:0079
- DSA-3350
- DSA-3350
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 76605
- 76605
- 1033452
- 1033452
- USN-2728-1
- USN-2728-1
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04891218
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04891218
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923105
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923105
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918
- https://kb.isc.org/article/AA-01287
- https://kb.isc.org/article/AA-01287
- https://kb.isc.org/article/AA-01305
- https://kb.isc.org/article/AA-01305
- https://kb.isc.org/article/AA-01306
- https://kb.isc.org/article/AA-01306
- https://kb.isc.org/article/AA-01307
- https://kb.isc.org/article/AA-01307
- https://kb.isc.org/article/AA-01438
- https://kb.isc.org/article/AA-01438
- https://kc.mcafee.com/corporate/index?page=content&id=SB10134
- https://kc.mcafee.com/corporate/index?page=content&id=SB10134
- GLSA-201510-01
- GLSA-201510-01
- https://security.netapp.com/advisory/ntap-20190730-0001/
- https://security.netapp.com/advisory/ntap-20190730-0001/
- https://support.apple.com/HT205376
- https://support.apple.com/HT205376
Published: 2015-09-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-5986
openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.
Severity: HIGH (7.1)
References:
- APPLE-SA-2015-10-21-8
- APPLE-SA-2015-10-21-8
- FEDORA-2015-14954
- FEDORA-2015-14954
- FEDORA-2015-14958
- FEDORA-2015-14958
- 76618
- 76618
- 1033453
- 1033453
- https://kb.isc.org/article/AA-01291
- https://kb.isc.org/article/AA-01291
- https://kb.isc.org/article/AA-01305
- https://kb.isc.org/article/AA-01305
- https://kb.isc.org/article/AA-01306
- https://kb.isc.org/article/AA-01306
- https://kb.isc.org/article/AA-01307
- https://kb.isc.org/article/AA-01307
- https://kb.isc.org/article/AA-01438
- https://kb.isc.org/article/AA-01438
- https://kc.mcafee.com/corporate/index?page=content&id=SB10134
- https://kc.mcafee.com/corporate/index?page=content&id=SB10134
- GLSA-201510-01
- GLSA-201510-01
- https://security.netapp.com/advisory/ntap-20190730-0001/
- https://security.netapp.com/advisory/ntap-20190730-0001/
- https://support.apple.com/HT205376
- https://support.apple.com/HT205376
Published: 2016-09-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- RHSA-2016:1944
- RHSA-2016:1944
- RHSA-2016:1945
- RHSA-2016:1945
- RHSA-2016:2099
- RHSA-2016:2099
- http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- 93188
- 93188
- 1036903
- 1036903
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05321107
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05321107
- https://kb.isc.org/article/AA-01419/0
- https://kb.isc.org/article/AA-01419/0
- https://kb.isc.org/article/AA-01435
- https://kb.isc.org/article/AA-01435
- https://kb.isc.org/article/AA-01436
- https://kb.isc.org/article/AA-01436
- https://kb.isc.org/article/AA-01438
- https://kb.isc.org/article/AA-01438
- FreeBSD-SA-16:28
- FreeBSD-SA-16:28
- GLSA-201610-07
- GLSA-201610-07
- https://security.netapp.com/advisory/ntap-20160930-0001/
- https://security.netapp.com/advisory/ntap-20160930-0001/
- 40453
- 40453
Published: 2017-01-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-9131
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- RHSA-2017:0062
- RHSA-2017:0062
- DSA-3758
- DSA-3758
- 95386
- 95386
- 1037582
- 1037582
- RHSA-2017:1583
- RHSA-2017:1583
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687
- https://kb.isc.org/article/AA-01439/74/CVE-2016-9131
- https://kb.isc.org/article/AA-01439/74/CVE-2016-9131
- GLSA-201708-01
- GLSA-201708-01
- https://security.netapp.com/advisory/ntap-20180926-0005/
- https://security.netapp.com/advisory/ntap-20180926-0005/
Published: 2017-01-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-9444
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- RHSA-2017:0062
- RHSA-2017:0062
- DSA-3758
- DSA-3758
- 95393
- 95393
- 1037582
- 1037582
- RHSA-2017:1583
- RHSA-2017:1583
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687
- https://kb.isc.org/article/AA-01441/74/CVE-2016-9444
- https://kb.isc.org/article/AA-01441/74/CVE-2016-9444
- GLSA-201708-01
- GLSA-201708-01
- https://security.netapp.com/advisory/ntap-20180926-0005/
- https://security.netapp.com/advisory/ntap-20180926-0005/
Closed bugs
Не хватает заголовочных файлов
неверный синтаксис строки в options.conf
[FR] Обновить bind до версии 9.10