<<< Date Index >>>     <<< Thread Index >>>

rPSA-2007-0021-1 bind bind-utils



rPath Security Advisory: 2007-0021-1
Published: 2007-01-25
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
    Remote Deterministic Denial of Service
Updated Versions:
    bind=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1
    bind-utils=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
    https://issues.rpath.com/browse/RPL-989

Description:
    Previous versions of the bind package are vulnerable to two remote
    denial of service attacks in which attackers can cause the bind
    daemon to to crash or exit unexpectedly by providing malformed
    data to the daemon in a DNS request.