SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Generic)  >   BIND Vendors:   ISC (Internet Software Consortium)
(CentOS Issues Fix) BIND CNAME/DNAME Record Processing Bug Lets Remote Users Cause the Target Service to Crash
SecurityTracker Alert ID:  1038311
SecurityTracker URL:  http://securitytracker.com/id/1038311
CVE Reference:   CVE-2017-3137   (Links to External Site)
Date:  Apr 19 2017
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.9.9-P6, 9.9.10b1 - 9.9.10rc1, 9.10.4-P6, 9.10.5b1 - 9.10.5rc1, 9.11.0-P3, 9.11.1b1 - 9.11.1rc1, 9.9.9-S8
Description:   A vulnerability was reported in BIND. A remote user can cause the target service to crash.

A remote server can return a response containing specially crafted CNAME or DNAME resource records to cause the target 'named' service to crash.

Impact:   A remote user can cause the target 'named' service to crash.
Solution:   CentOS has issued a fix.

x86_64:
41aac9c0065db17450f133fb0e744b2e0b9d5810cd3e3b33f7ac92bb67b3d953 bind-9.9.4-38.el7_3.3.x86_64.rpm
37aafd25848fabc139431ffde194c5fe87c2bf6021e2ff16bceb80a6d3775f4d bind-chroot-9.9.4-38.el7_3.3.x86_64.rpm
e06f209f8ca60f3e631b59997aa135fe522355a11527a96bba680045aa916239 bind-devel-9.9.4-38.el7_3.3.i686.rpm
ec6d11535efa4dfd0dc0317656eb9bb889ad38566be166ceed04bd67936462b1 bind-devel-9.9.4-38.el7_3.3.x86_64.rpm
7038fb1ea60b7299643824b25e39af1cc4573634c08fea402ebf33123af311bb bind-libs-9.9.4-38.el7_3.3.i686.rpm
2442703f191c4fd5ed3e36fa7b267da0b52b15414f4c4551b621b00955ee6411 bind-libs-9.9.4-38.el7_3.3.x86_64.rpm
626cedc17e03b8575562e78d7717a32d82dd513123239b7ff73c18738d2ff9c5 bind-libs-lite-9.9.4-38.el7_3.3.i686.rpm
d97c677eeef268520e10951d7a1de580e240ca17cf6e0e7b63249f715a2de391 bind-libs-lite-9.9.4-38.el7_3.3.x86_64.rpm
8a40293dc07d63a009c9559818f3977b55201c04502c054078d5b4f659b9f6b9 bind-license-9.9.4-38.el7_3.3.noarch.rpm
58193a8c1660325e0d9a1b63c91fc6dae591d7bdf3c41232462c3e488612316e bind-lite-devel-9.9.4-38.el7_3.3.i686.rpm
9a8bb442c028bd7682fa9710ca085548083f5bbf602909f52f21887d9314c8d3 bind-lite-devel-9.9.4-38.el7_3.3.x86_64.rpm
91c55d24adbac7682a3fd5ce096e835cda7a05ae069564c31268375cb474a638 bind-pkcs11-9.9.4-38.el7_3.3.x86_64.rpm
0acf41b2baddb00640934e69f64931eb908064c2b890bfc6edb3e84a21c005d9 bind-pkcs11-devel-9.9.4-38.el7_3.3.i686.rpm
f1b518addd7717a5fde9e8972c0c71d9b28a0129bba8201ca82fe6d7735e542d bind-pkcs11-devel-9.9.4-38.el7_3.3.x86_64.rpm
00aca50af4e66b5db2be7e0a37fbe3924d48ba76e20b688ed70cdb842edce924 bind-pkcs11-libs-9.9.4-38.el7_3.3.i686.rpm
bf9f7f748442c78f3483443450af89bc77b601338041b71602bdce0b306394cf bind-pkcs11-libs-9.9.4-38.el7_3.3.x86_64.rpm
462fe7bcf54effb70c91c107a46c5e04748b90fcc10550b2fcce2699278d2da9 bind-pkcs11-utils-9.9.4-38.el7_3.3.x86_64.rpm
ccee502f2da49959e99e1b62da8c4cd9b4382c4ca79408e47f8c3ae89d265787 bind-sdb-9.9.4-38.el7_3.3.x86_64.rpm
4b9183c9d659864810c904be5f85cc84e8a594b7db2539ebdec2a80347e0547f bind-sdb-chroot-9.9.4-38.el7_3.3.x86_64.rpm
45d5c457513673354589679542b03d7523cf40e211eee0fafc40005f7ed0cae2 bind-utils-9.9.4-38.el7_3.3.x86_64.rpm

Source:
ba64bef4d94b3bb7e4fd00b95d77975d60b0a40ed5cc00fc1e1fe93d7971093b bind-9.9.4-38.el7_3.3.src.rpm

Cause:   State error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Apr 13 2017 BIND CNAME/DNAME Record Processing Bug Lets Remote Users Cause the Target Service to Crash



 Source Message Contents

Date:  Wed, 19 Apr 2017 16:57:53 +0000
Subject:  [CentOS-announce] CESA-2017:1095 Important CentOS 7 bind Security Update


CentOS Errata and Security Advisory 2017:1095 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1095.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
41aac9c0065db17450f133fb0e744b2e0b9d5810cd3e3b33f7ac92bb67b3d953  bind-9.9.4-38.el7_3.3.x86_64.rpm
37aafd25848fabc139431ffde194c5fe87c2bf6021e2ff16bceb80a6d3775f4d  bind-chroot-9.9.4-38.el7_3.3.x86_64.rpm
e06f209f8ca60f3e631b59997aa135fe522355a11527a96bba680045aa916239  bind-devel-9.9.4-38.el7_3.3.i686.rpm
ec6d11535efa4dfd0dc0317656eb9bb889ad38566be166ceed04bd67936462b1  bind-devel-9.9.4-38.el7_3.3.x86_64.rpm
7038fb1ea60b7299643824b25e39af1cc4573634c08fea402ebf33123af311bb  bind-libs-9.9.4-38.el7_3.3.i686.rpm
2442703f191c4fd5ed3e36fa7b267da0b52b15414f4c4551b621b00955ee6411  bind-libs-9.9.4-38.el7_3.3.x86_64.rpm
626cedc17e03b8575562e78d7717a32d82dd513123239b7ff73c18738d2ff9c5  bind-libs-lite-9.9.4-38.el7_3.3.i686.rpm
d97c677eeef268520e10951d7a1de580e240ca17cf6e0e7b63249f715a2de391  bind-libs-lite-9.9.4-38.el7_3.3.x86_64.rpm
8a40293dc07d63a009c9559818f3977b55201c04502c054078d5b4f659b9f6b9  bind-license-9.9.4-38.el7_3.3.noarch.rpm
58193a8c1660325e0d9a1b63c91fc6dae591d7bdf3c41232462c3e488612316e  bind-lite-devel-9.9.4-38.el7_3.3.i686.rpm
9a8bb442c028bd7682fa9710ca085548083f5bbf602909f52f21887d9314c8d3  bind-lite-devel-9.9.4-38.el7_3.3.x86_64.rpm
91c55d24adbac7682a3fd5ce096e835cda7a05ae069564c31268375cb474a638  bind-pkcs11-9.9.4-38.el7_3.3.x86_64.rpm
0acf41b2baddb00640934e69f64931eb908064c2b890bfc6edb3e84a21c005d9  bind-pkcs11-devel-9.9.4-38.el7_3.3.i686.rpm
f1b518addd7717a5fde9e8972c0c71d9b28a0129bba8201ca82fe6d7735e542d  bind-pkcs11-devel-9.9.4-38.el7_3.3.x86_64.rpm
00aca50af4e66b5db2be7e0a37fbe3924d48ba76e20b688ed70cdb842edce924  bind-pkcs11-libs-9.9.4-38.el7_3.3.i686.rpm
bf9f7f748442c78f3483443450af89bc77b601338041b71602bdce0b306394cf  bind-pkcs11-libs-9.9.4-38.el7_3.3.x86_64.rpm
462fe7bcf54effb70c91c107a46c5e04748b90fcc10550b2fcce2699278d2da9  bind-pkcs11-utils-9.9.4-38.el7_3.3.x86_64.rpm
ccee502f2da49959e99e1b62da8c4cd9b4382c4ca79408e47f8c3ae89d265787  bind-sdb-9.9.4-38.el7_3.3.x86_64.rpm
4b9183c9d659864810c904be5f85cc84e8a594b7db2539ebdec2a80347e0547f  bind-sdb-chroot-9.9.4-38.el7_3.3.x86_64.rpm
45d5c457513673354589679542b03d7523cf40e211eee0fafc40005f7ed0cae2  bind-utils-9.9.4-38.el7_3.3.x86_64.rpm

Source:
ba64bef4d94b3bb7e4fd00b95d77975d60b0a40ed5cc00fc1e1fe93d7971093b  bind-9.9.4-38.el7_3.3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2017, SecurityGlobal.net LLC