(McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
|
SecurityTracker Alert ID: 1028900 |
SecurityTracker URL: http://securitytracker.com/id/1028900
|
CVE Reference:
CVE-2013-4854
(Links to External Site)
|
Date: Aug 12 2013
|
Impact:
Denial of service via network
|
Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in ISC BIND. A remote user can cause denial of service conditions. McAfee Email and Web Security Appliance is affected.
A remote user can send a query containing specially crafted rdata to cause the target service to crash.
This vulnerability is being actively exploited.
Both authoritative and recursive servers are affected.
BIND 9.6 and BIND 9.6-ESV are not affected.
|
Impact:
A remote user can cause the target service to crash.
|
Solution:
McAfee has issued an advisory for McAfee Email and Web Security Appliance. A fix (5.6.7) is pending.
The McAfee advisory is available at:
https://kc.mcafee.com/corporate/index?page=content&id=SB10052
|
Vendor URL: kb.isc.org/article/AA-01015 (Links to External Site)
|
Cause:
State error
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|