GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Thu Jan 30, 2014 12:27 am Post subject: [ GLSA 201401-34 ] BIND: Denial of Service |
|
|
Gentoo Linux Security Advisory
Title: BIND: Denial of Service (GLSA 201401-34)
Severity: normal
Exploitable: remote
Date: January 29, 2014
Bug(s): #437828, #446094, #453974, #463497, #478316, #483208, #498016
ID: 201401-34
Synopsis
Multiple vulnerabilities have been found in BIND, possibly
resulting in Denial of Service.
Background
BIND is the Berkeley Internet Name Domain Server.
Affected Packages
Package: net-dns/bind
Vulnerable: < 9.9.4_p2
Unaffected: >= 9.9.4_p2
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in BIND. Please review the
CVE identifiers referenced below for details.
Impact
A remote attacker may be able to cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/bind-9.9.4_p2"
|
References
CVE-2012-5166
CVE-2012-5688
CVE-2012-5689
CVE-2013-2266
CVE-2013-3919
CVE-2013-4854
CVE-2014-0591 |
|