[<prev] [next>] [day] [month] [year] [list]
Message-ID: <45b93a35.XepKpR+dn9c0ABCG%announce-noreply@rpath.com>
Date: Thu, 25 Jan 2007 18:16:05 -0500
From: rPath Update Announcements <announce-noreply@...th.com>
To: security-announce@...ts.rpath.com, update-announce@...ts.rpath.com
Cc: lwn@....net, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: rPSA-2007-0021-1 bind bind-utils
rPath Security Advisory: 2007-0021-1
Published: 2007-01-25
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
bind=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1
bind-utils=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
https://issues.rpath.com/browse/RPL-989
Description:
Previous versions of the bind package are vulnerable to two remote
denial of service attacks in which attackers can cause the bind
daemon to to crash or exit unexpectedly by providing malformed
data to the daemon in a DNS request.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists