718966 – (CVE-2011-2464) CVE-2011-2464 bind: Specially constructed packet will cause named to exit

Bug 718966 (CVE-2011-2464) - CVE-2011-2464 bind: Specially constructed packet will cause named to exit

Summary: CVE-2011-2464 bind: Specially constructed packet will cause named to exit

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2011-2464
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	719039 719040 719041 719070 719072 833877
Blocks:	718981
TreeView+	depends on / blocked

Reported:	2011-07-05 10:42 UTC by Huzaifa S. Sidhpurwala
Modified:	2019-09-29 12:45 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-02-26 23:06:59 UTC
Embargoed:

Attachments	(Terms of Use)
bind 9.7.3 P1 -> P3 diff (15.42 KB, patch) 2011-07-05 13:25 UTC, Tomas Hoger	no flags	Details \| Diff
bind 9.8.0 P2 -> P4 diff (30.21 KB, patch) 2011-07-05 13:43 UTC, Tomas Hoger	no flags	Details \| Diff
bind 9.8.0 P2 -> P4 diff (26.19 KB, patch) 2011-07-05 13:46 UTC, Tomas Hoger	no flags	Details \| Diff
Show Obsolete (1) View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:0926	0	normal	SHIPPED_LIVE	Important: bind security update	2011-07-07 21:25:11 UTC

Description Huzaifa S. Sidhpurwala 2011-07-05 10:42:04 UTC

A specially crafted packet can cause named process to exit, affecting 
DNS services

Comment 2 Eugene Teo (Security Response) 2011-07-05 11:01:13 UTC

The Red Hat Security Response Team is aware of the accidental disclosure of the ISC security advisories. We are working to find out more about the vulnerabilities addressed.

Reference:
http://risky.biz/auscert-bind
http://pastebin.com/9NUt8Pk0

Comment 3 Eugene Teo (Security Response) 2011-07-05 11:18:51 UTC

http://article.gmane.org/gmane.comp.security.oss.general/5415

Comment 4 Tomas Hoger 2011-07-05 13:15:26 UTC

Upstream advisory:
http://www.isc.org/software/bind/advisories/cve-2011-2464

Comment 5 Tomas Hoger 2011-07-05 13:25:39 UTC

Created attachment 511313 [details]
bind 9.7.3 P1 -> P3 diff

Comment / header changes excluded.

Comment 6 Tomas Hoger 2011-07-05 13:43:32 UTC

Created attachment 511315 [details]
bind 9.8.0 P2 -> P4 diff

Comment 7 Tomas Hoger 2011-07-05 13:46:35 UTC

Created attachment 511316 [details]
bind 9.8.0 P2 -> P4 diff

Same as comment #6, removing diff for files that only got white-space changes.

Comment 9 Vincent Danen 2011-07-05 15:08:11 UTC

Created bind tracking bugs for this issue

Affects: fedora-all [bug 719041]

Comment 19 errata-xmlrpc 2011-07-08 06:27:24 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2011:0926 https://rhn.redhat.com/errata/RHSA-2011-0926.html

Note You need to log in before you can comment on or make changes to this bug.