Date:      Sat, 1 Oct 2011 12:35:08 +0700
From:      budsz <budiyt@gmail.com>
To:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-11:03.bind
Message-ID:  <CADM2n7gnnQJ2A2TB4=SpWEMOpZu07MBFpn_rSFLyep_ZHwrZFg@mail.gmail.com>
In-Reply-To: <201109280905.p8S95pmZ098559@freefall.freebsd.org>
References:  <201109280905.p8S95pmZ098559@freefall.freebsd.org>

On Wed, Sep 28, 2011 at 4:05 PM, FreeBSD Security Advisories
<security-advisories@freebsd.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> =============================================================================
> FreeBSD-SA-11:03.bind                                       Security Advisory
>                                                           The FreeBSD Project
>
> Topic:          Remote packet Denial of Service against named(8) servers
>
> Category:       contrib
> Module:         bind
> Announced:      2011-09-28
> Credits:        Roy Arends
> Affects:        8.2-STABLE after 2011-05-28 and prior to the correction date
> Corrected:      2011-07-06 00:50:54 UTC (RELENG_8, 8.2-STABLE)
> CVE Name:       CVE-2011-2464
>
> Note: This advisory concerns a vulnerability which existed only in
> the FreeBSD 8-STABLE branch and was fixed over two months prior to the
> date of this advisory.
>
> For general information regarding FreeBSD Security Advisories,
> including descriptions of the fields above, security branches, and the
> following sections, please visit <URL:http://security.FreeBSD.org/>.
>
> I.   Background
>
> BIND 9 is an implementation of the Domain Name System (DNS) protocols.
> The named(8) daemon is an Internet Domain Name Server.
>
> II.  Problem Description
>
> A logic error in the BIND code causes the BIND daemon to accept bogus
> data, which could cause the daemon to crash.
>
> III. Impact
>
> An attacker able to send traffic to the BIND daemon can cause it to
> crash, resulting in a denial of service.
>
> IV.  Workaround
>
> No workaround is available, but systems not running the BIND name server
> are not affected.
>
> V.   Solution
>
> Upgrade your vulnerable system to 8-STABLE dated after the correction
> date.
>
> VI.  Correction details
>
> The following list contains the revision numbers of each file that was
> corrected in FreeBSD.
>
> CVS:
>
> Branch                                                           Revision
>   Path
> - -------------------------------------------------------------------------
> RELENG_8
>   src/contrib/bind9/lib/dns/message.c                             1.3.2.3
> - -------------------------------------------------------------------------
>
> Subversion:
>
> Branch/path                                                      Revision
> - -------------------------------------------------------------------------
> stable/8/                                                         r223815
> - -------------------------------------------------------------------------
>
> VII. References
>
> http://www.isc.org/software/bind/advisories/cve-2011-2464
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
>
> The latest revision of this advisory is available at
> http://security.FreeBSD.org/advisories/FreeBSD-SA-11:03.bind.asc
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.18 (FreeBSD)
>
> iEYEARECAAYFAk6C4CYACgkQFdaIBMps37LwQgCeIDVGsCWOLoVdmWogOOaPC1UG
> 9G8AoJPlRbNmkEWMg7uoOYrvjWlRRdlK
> =aUvD
> -----END PGP SIGNATURE-----
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>

Only updating to 8.X for solution? There is no patch for this advisory?

Thank You

-- 
budsz
