bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

rPSA-2007-0021-1 bind bind-utils

from [rPath Update Announcements] [Permanent Link][Original]
To: security-announce@lists.rpath.com, update-announce@lists.rpath.com
Subject: rPSA-2007-0021-1 bind bind-utils
From: rPath Update Announcements <announce-noreply@rpath.com>
Date: Thu, 25 Jan 2007 18:16:05 -0500
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com, lwn@lwn.net
Delivered-to: sp-com-lists@consult.net
Delivered-to: bugtraq-list@securepoint.com
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm
User-agent: nail 11.22 3/20/05 
rPath Security Advisory: 2007-0021-1
Published: 2007-01-25
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
    Remote Deterministic Denial of Service
Updated Versions:
    bind=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1
    bind-utils=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
    https://issues.rpath.com/browse/RPL-989

Description:
    Previous versions of the bind package are vulnerable to two remote
    denial of service attacks in which attackers can cause the bind
    daemon to to crash or exit unexpectedly by providing malformed
    data to the daemon in a DNS request.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • rPSA-2007-0021-1 bind bind-utils, rPath Update Announcements <=
Previous by Date:  Re: Remove all admin->root authorization prompts from OSX, John Smith
Next by Date:  rPSA-2007-0020-1 rmake, rPath Update Announcements
Previous by Thread:  S21sec-034-en: Cisco VTP DoS vulnerability, S21sec Labs
Next by Thread:  rPSA-2007-0020-1 rmake, rPath Update Announcements
Indexes:  [Date] [Thread] [Top] [All Lists]