Executive Summary

Summary
Title Bind vulnerability
Informations
Name USN-1264-1 First vendor Publication 2011-11-16
Vendor Ubuntu Last vendor Modification 2011-11-16
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS

Summary:

Bind could be made to crash if it received specially crafted network traffic.

Software Description: - bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10:
libdns69 1:9.7.3.dfsg-1ubuntu4.1

Ubuntu 11.04:
libdns69 1:9.7.3.dfsg-1ubuntu2.3

Ubuntu 10.10:
libdns66 1:9.7.1.dfsg.P2-2ubuntu0.5

Ubuntu 10.04 LTS:
libdns64 1:9.7.0.dfsg.P1-1ubuntu0.4

Ubuntu 8.04 LTS:
libdns36 1:9.4.2.dfsg.P2-2ubuntu0.9

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1264-1
CVE-2011-4313

Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.1
https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu2.3
https://launchpad.net/ubuntu/+source/bind9/1:9.7.1.dfsg.P2-2ubuntu0.5
https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.4
https://launchpad.net/ubuntu/+source/bind9/1:9.4.2.dfsg.P2-2ubuntu0.9

Original Source

Url : http://www.ubuntu.com/usn/USN-1264-1

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14343
 
Oval ID: oval:org.mitre.oval:def:14343
Title: HP-UX Running BIND, Remote Denial of Service (DoS)
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4313
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15046
 
Oval ID: oval:org.mitre.oval:def:15046
Title: DSA-2347-1 bind9 -- improper assert
Description: It was discovered that BIND, a DNS server, crashes while processing certain sequences of recursive DNS queries, leading to a denial of service. Authoritative-only server configurations are not affected by this issue.
Family: unix Class: patch
Reference(s): DSA-2347-1
CVE-2011-4313
Version: 7
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): bind9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15365
 
Oval ID: oval:org.mitre.oval:def:15365
Title: USN-1264-1 -- Bind vulnerability
Description: bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1264-1
CVE-2011-4313
Version: 7
Platform(s): Ubuntu 11.04
Ubuntu 11.10
Ubuntu 8.04
Ubuntu 10.04
Ubuntu 10.10
Product(s): Bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20072
 
Oval ID: oval:org.mitre.oval:def:20072
Title: Multiple vulnerabilities in AIX BIND
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4313
Version: 6
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21944
 
Oval ID: oval:org.mitre.oval:def:21944
Title: RHSA-2011:1459: bind97 security update (Important)
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: patch
Reference(s): RHSA-2011:1459-01
CESA-2011:1459
CVE-2011-4313
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): bind97
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22113
 
Oval ID: oval:org.mitre.oval:def:22113
Title: RHSA-2011:1458: bind security update (Important)
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: patch
Reference(s): RHSA-2011:1458-01
CESA-2011:1458
CVE-2011-4313
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23322
 
Oval ID: oval:org.mitre.oval:def:23322
Title: ELSA-2011:1459: bind97 security update (Important)
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: patch
Reference(s): ELSA-2011:1459-01
CVE-2011-4313
Version: 6
Platform(s): Oracle Linux 5
Product(s): bind97
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23397
 
Oval ID: oval:org.mitre.oval:def:23397
Title: DEPRECATED: ELSA-2011:1458: bind security update (Important)
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: patch
Reference(s): ELSA-2011:1458-01
CVE-2011-4313
Version: 7
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23684
 
Oval ID: oval:org.mitre.oval:def:23684
Title: ELSA-2011:1458: bind security update (Important)
Description: query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
Family: unix Class: patch
Reference(s): ELSA-2011:1458-01
CVE-2011-4313
Version: 6
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27896
 
Oval ID: oval:org.mitre.oval:def:27896
Title: DEPRECATED: ELSA-2011-1459 -- bind97 security update (important)
Description: [32:9.7.0-6.P2.4] - fix DOS against recursive servers (#754398)
Family: unix Class: patch
Reference(s): ELSA-2011-1459
CVE-2011-4313
Version: 4
Platform(s): Oracle Linux 5
Product(s): bind97
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28078
 
Oval ID: oval:org.mitre.oval:def:28078
Title: DEPRECATED: ELSA-2011-1458 -- bind security update (important)
Description: [32:9.7.3-2.3.P3] - fix DOS against recursive servers (#754398) [32:9.7.3-2.2.P3] - update to 9.7.3-P3 (CVE-2011-2464) [32:9.7.3-2.1.P1] - update to 9.7.3-P1 (CVE-2011-1910)
Family: unix Class: patch
Reference(s): ELSA-2011-1458
CVE-2011-4313
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): bind
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 239

OpenVAS Exploits

Date Description
2012-12-31 Name : Fedora Update for bind FEDORA-2012-19822
File : nvt/gb_fedora_2012_19822_bind_fc16.nasl
2012-10-23 Name : Fedora Update for bind FEDORA-2012-15981
File : nvt/gb_fedora_2012_15981_bind_fc16.nasl
2012-10-03 Name : Fedora Update for bind FEDORA-2012-14030
File : nvt/gb_fedora_2012_14030_bind_fc16.nasl
2012-08-14 Name : Fedora Update for bind FEDORA-2012-11153
File : nvt/gb_fedora_2012_11153_bind_fc16.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-01 (bind)
File : nvt/glsa_201206_01.nasl
2012-07-30 Name : CentOS Update for bind CESA-2011:1458 centos5 x86_64
File : nvt/gb_CESA-2011_1458_bind_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for bind97 CESA-2011:1459 centos5 x86_64
File : nvt/gb_CESA-2011_1459_bind97_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for bind CESA-2011:1496 centos4 x86_64
File : nvt/gb_CESA-2011_1496_bind_centos4_x86_64.nasl
2012-06-19 Name : Fedora Update for bind FEDORA-2012-8962
File : nvt/gb_fedora_2012_8962_bind_fc15.nasl
2012-06-19 Name : Fedora Update for bind FEDORA-2012-8946
File : nvt/gb_fedora_2012_8946_bind_fc16.nasl
2012-04-02 Name : Fedora Update for bind FEDORA-2011-16057
File : nvt/gb_fedora_2011_16057_bind_fc16.nasl
2012-02-11 Name : Debian Security Advisory DSA 2347-1 (bind9)
File : nvt/deb_2347_1.nasl
2011-12-02 Name : CentOS Update for bind CESA-2011:1496 centos4 i386
File : nvt/gb_CESA-2011_1496_bind_centos4_i386.nasl
2011-12-02 Name : RedHat Update for bind RHSA-2011:1496-01
File : nvt/gb_RHSA-2011_1496-01_bind.nasl
2011-11-28 Name : Fedora Update for bind FEDORA-2011-16036
File : nvt/gb_fedora_2011_16036_bind_fc15.nasl
2011-11-28 Name : Fedora Update for bind FEDORA-2011-16002
File : nvt/gb_fedora_2011_16002_bind_fc14.nasl
2011-11-21 Name : CentOS Update for bind97 CESA-2011:1459 centos5 i386
File : nvt/gb_CESA-2011_1459_bind97_centos5_i386.nasl
2011-11-21 Name : CentOS Update for bind CESA-2011:1458 centos5 i386
File : nvt/gb_CESA-2011_1458_bind_centos5_i386.nasl
2011-11-21 Name : Mandriva Update for bind MDVSA-2011:176-2 (bind)
File : nvt/gb_mandriva_MDVSA_2011_176_2.nasl
2011-11-18 Name : RedHat Update for bind97 RHSA-2011:1459-01
File : nvt/gb_RHSA-2011_1459-01_bind97.nasl
2011-11-18 Name : RedHat Update for bind RHSA-2011:1458-01
File : nvt/gb_RHSA-2011_1458-01_bind.nasl
2011-11-18 Name : Mandriva Update for bind MDVSA-2011:176 (bind)
File : nvt/gb_mandriva_MDVSA_2011_176.nasl
2011-11-18 Name : Mandriva Update for bind MDVSA-2011:176-1 (bind)
File : nvt/gb_mandriva_MDVSA_2011_176_1.nasl
2011-11-18 Name : Ubuntu Update for bind9 USN-1264-1
File : nvt/gb_ubuntu_USN_1264_1.nasl
0000-00-00 Name : FreeBSD Ports: bind96
File : nvt/freebsd_bind960.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
77159 ISC BIND Recursive Query Parsing Remote DoS

ISC BIND 9 contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted recursive queries occur, and will result in loss of availability for the service.

Nessus® Vulnerability Scanner

Date Description
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_bind_20111202.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL14204.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_bind-111117.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_bind-111117.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2011-13.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-24.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1496.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1459.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1458.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IV09978.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IV09491.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IV10049.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IV11742.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IV11744.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IV11743.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_8_2.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111129_bind_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111117_bind_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111117_bind97_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-06-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-01.nasl - Type : ACT_GATHER_INFO
2012-03-06 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_42727.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_bind-7851.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_bind-111121.nasl - Type : ACT_GATHER_INFO
2011-11-30 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1496.nasl - Type : ACT_GATHER_INFO
2011-11-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1496.nasl - Type : ACT_GATHER_INFO
2011-11-28 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16036.nasl - Type : ACT_GATHER_INFO
2011-11-28 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16002.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1458.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1459.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16057.nasl - Type : ACT_GATHER_INFO
2011-11-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1458.nasl - Type : ACT_GATHER_INFO
2011-11-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1459.nasl - Type : ACT_GATHER_INFO
2011-11-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1264-1.nasl - Type : ACT_GATHER_INFO
2011-11-17 Name : The remote name server may be affected by a denial of service vulnerability.
File : bind9_981_p1.nasl - Type : ACT_GATHER_INFO
2011-11-17 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-176.nasl - Type : ACT_GATHER_INFO
2011-11-17 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_90cc149410ac11e1b3ec0024e830109b.nasl - Type : ACT_GATHER_INFO
2011-11-17 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2347.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:59:15
  • Multiple Updates