Bind: Denial of Service Vulnerabilities 

Users of Bind please be advised of a denial of service vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

USN-1025-1: [USN-1025-1] Bind vulnerabilities
Details follow:

It was discovered that Bind would incorrectly allow a ncache entry and a

rrsig for the same type. A remote attacker could exploit this to cause

Bind to crash, resulting in a denial of service. (CVE-2010-3613)

It was discovered that Bind would incorrectly mark zone data as insecure

when the zone is undergoing a key algorithm rollover. (CVE-2010-3614)

Read more at http://www.criticalwatch.com

 

Advertisements