Vulnerability Note VU#606539
ISC BIND 9 resolver denial of service vulnerability
The ISC BIND 9 resolver contains a denial-of-service vulnerability that can be triggered by remote packets: the resolver crashes after logging an error in query.c.
According to ISC:
An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC is working on determining the ultimate cause by which a record with this particular inconsistency is cached. At this time we are making available a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.
A remote, unauthenticated attacker can cause the BIND 9 resolver to crash, creating a denial-of-service condition.
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Debian GNU/Linux | Affected | - | 06 Jan 2012 |
| Fedora Project | Affected | - | 06 Jan 2012 |
| Hewlett-Packard Company | Affected | - | 06 Jan 2012 |
| Internet Systems Consortium | Affected | - | 16 Nov 2011 |
| Mandriva S. A. | Affected | - | 06 Jan 2012 |
| Oracle Corporation | Affected | - | 28 Nov 2011 |
| Red Hat, Inc. | Affected | - | 06 Jan 2012 |
| SUSE Linux | Affected | - | 06 Jan 2012 |
| Ubuntu | Affected | - | 06 Jan 2012 |
Thanks to Internet Systems Consortium for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2011-4313
- Date Public: 16 Nov 2011
- Date First Published: 22 Nov 2011
- Date Last Updated: 06 Jan 2012
- Severity Metric: 21.92
- Document Revision: 11