GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sat Feb 07, 2015 5:26 pm Post subject: [ glsa 201502-03 ] bind |
|
|
Gentoo Linux Security Advisory
Title: BIND: Multiple Vulnerabilities (GLSA 201502-03)
Severity: normal
Exploitable: remote
Date: February 07, 2015
Bug(s): #531998
ID: 201502-03
Synopsis
Multiple vulnerabilities have been found in BIND, allowing remote
attackers to cause a
denial of service condition.
Background
BIND (Berkeley Internet Name Domain) is a Name Server.
Affected Packages
Package: net-dns/bind
Vulnerable: < 9.10.1_p1
Unaffected: >= 9.10.1_p1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in BIND. Please review the
CVE identifiers referenced below for details.
Impact
A remote attacker can cause a denial of service condition by the lack of
GeoIP databases, or via a large or infinite number of referrals.
Workaround
There is no known workaround at this time.
Resolution
All bind users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.1_p1"
|
References
CVE-2014-3214
CVE-2014-8500
CVE-2014-8680
Last edited by GLSA on Thu Jun 18, 2015 4:16 am; edited 1 time in total |
|