BIND vulnerability
Bug #59202 reported by
Patrik Wallström
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bind9 (Ubuntu) |
Fix Released
|
High
|
Martin Pitt |
Bug Description
Binary package hint: bind9
Haven't seen any indications of that you have seen this update from ISC...
http://
Please update BIND9 immediately.
To post a comment you must log in.
Version(s): 9.3.2 and prior versions
Description: A vulnerability was reported in BIND. A remote user can
cause denial of service conditions.
A remote user (DNS server) can send specially crafted RRset responses in
return to a recursive SIG query to cause the requesting named service to
crash [CVE-2006-4095].
A remote user can also send specially crafted queries to trigger an www.isc. org/sw/ bind/
INSIST failure and cause the requesting service(s) to crash [CVE-2006-4096].
Impact: A remote user can cause the target named service to crash.
Solution: The vendor has issued fixed versions (9.3.2-P1, 9.2.7, and
9.2.6-P1), available at: http://