SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   BIND Vendors:   ISC (Internet Software Consortium)
(CentOS Issues Fix) ISC BIND TKEY Query Processing Flaw Lets Remote Users Cause the Target Service to Crash
SecurityTracker Alert ID:  1033107
SecurityTracker URL:  http://securitytracker.com/id/1033107
CVE Reference:   CVE-2015-5477   (Links to External Site)
Date:  Jul 29 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.1.0 - 9.8.x, 9.9.0 - 9.9.7-P1, 9.10.0 - 9.10.2-P2
Description:   A vulnerability was reported in ISC BIND. A remote user can cause the target service to crash.

A remote user can send a specially crafted TKEY query packet to trigger a REQUIRE assertion failure and cause the named service to crash. The flaw occurs prior to the access control list checks.

Recursive and authoritative servers are affected.

Jonathan Foote reported this vulnerability.

Impact:   A remote user can cause the target named service to crash.
Solution:   CentOS has issued a fix.

i386:
e94c5d303a687961e27faefb38542d43f85e8d50bfcb2eec97b29a4b401a7e94 bind-9.3.6-25.P1.el5_11.3.i386.rpm
2602a6619c15b9352753ca9a59f645ac19ec16eeb07c1186a1a48295b3dcba30 bind-chroot-9.3.6-25.P1.el5_11.3.i386.rpm
e90145a4e6f3bcbac6fb566d92385361c212af5171a429ac09680bf20996a70f bind-devel-9.3.6-25.P1.el5_11.3.i386.rpm
67f04bc05d5ccb05e4c13f8b8fe4d65b1fc1b611c6d8510c85685235e2e07b4e bind-libbind-devel-9.3.6-25.P1.el5_11.3.i386.rpm
ccf15a3e6dc0e09b007de214a97790d5d0f330994fc71a7fc31e61ab8959401a bind-libs-9.3.6-25.P1.el5_11.3.i386.rpm
5e964b2eeabebdcc277c67cb9c66ab948a1bab42ffa1709072672d0e31975c8e bind-sdb-9.3.6-25.P1.el5_11.3.i386.rpm
272cdaa8afedde309f4c056bf81bacd0040aba1ba9c6bd74b06c3447d19f5d79 bind-utils-9.3.6-25.P1.el5_11.3.i386.rpm
3a6ef4acad542497ad5dd4b9cf6f9a5f929f201c5da4ef0ea8edf08f36a42491 caching-nameserver-9.3.6-25.P1.el5_11.3.i386.rpm

x86_64:
121cd9c943ab2f9a2e2e3e9085df43ea552e62c31d2160f390a41779645ddf3c bind-9.3.6-25.P1.el5_11.3.x86_64.rpm
60939ff13f60f6bfe4e0fcfe176573c88b659b12b42755d389f5cc4b6ddcf7d2 bind-chroot-9.3.6-25.P1.el5_11.3.x86_64.rpm
e90145a4e6f3bcbac6fb566d92385361c212af5171a429ac09680bf20996a70f bind-devel-9.3.6-25.P1.el5_11.3.i386.rpm
93b096322b3b84c88f7d193dd600098f5571e1257532d49fa27dfcc8a6488973 bind-devel-9.3.6-25.P1.el5_11.3.x86_64.rpm
67f04bc05d5ccb05e4c13f8b8fe4d65b1fc1b611c6d8510c85685235e2e07b4e bind-libbind-devel-9.3.6-25.P1.el5_11.3.i386.rpm
c99671bfe37a76a782e93e046f96983080327bc00d721c5e9d7808585f14f373 bind-libbind-devel-9.3.6-25.P1.el5_11.3.x86_64.rpm
ccf15a3e6dc0e09b007de214a97790d5d0f330994fc71a7fc31e61ab8959401a bind-libs-9.3.6-25.P1.el5_11.3.i386.rpm
7cc7bb6a588e4ad88cfd7e230ae8b74d400e171d243b10bfbdb1106dd1773193 bind-libs-9.3.6-25.P1.el5_11.3.x86_64.rpm
be171ab4bcd0022a9d84ff36b68e38d5fd91d9d64e65527e6c3752a4cffdc2e0 bind-sdb-9.3.6-25.P1.el5_11.3.x86_64.rpm
a3ed13e15585701c1d9161d4e137d1492c740ef8601b9e9b1200cacf641c7830 bind-utils-9.3.6-25.P1.el5_11.3.x86_64.rpm
41ecfadef75c7f423f87e0fc32ee9ecb0f279db8167cbc16ffe985d17b3249eb caching-nameserver-9.3.6-25.P1.el5_11.3.x86_64.rpm

Source:
07f2f7dda39914aeef316af6aa9e48ca450dba8b39393b210073f4482a42ec42 bind-9.3.6-25.P1.el5_11.3.src.rpm

i386:
70be08407007ee373075a7f4c0e8f30f9ae9486cc6e86d758e145c7e0452fbba bind97-9.7.0-21.P2.el5_11.2.i386.rpm
4b4e40fca6cf07b64db40860a6b5c9102f4d1968d3996bd0cff8804a92273bce bind97-chroot-9.7.0-21.P2.el5_11.2.i386.rpm
2f4ca3bb619d4fb2a98e61d36b1a415a8f774da3ee48cdec5b36b3c2c4ae883e bind97-devel-9.7.0-21.P2.el5_11.2.i386.rpm
5e1cd26638a0ad32eb0e77c7bdff74283dc67eaf98d6b43883fecf1cbd8c1e8e bind97-libs-9.7.0-21.P2.el5_11.2.i386.rpm
a3d8ecd851aeb1600abc328b35b48e1afaa6f64b3ac9bae46033e7cfc1db7353 bind97-utils-9.7.0-21.P2.el5_11.2.i386.rpm

x86_64:
b826b3406eec2980fb56649f18d0b5372589d49ede9656ea0a8fcca3634e3943 bind97-9.7.0-21.P2.el5_11.2.x86_64.rpm
6a39f618114777091a0a35f879465d6fb7365b253a53f8802d4cb328d70fffaa bind97-chroot-9.7.0-21.P2.el5_11.2.x86_64.rpm
2f4ca3bb619d4fb2a98e61d36b1a415a8f774da3ee48cdec5b36b3c2c4ae883e bind97-devel-9.7.0-21.P2.el5_11.2.i386.rpm
415af4cc884957116f9b7111dbe75a65bdfe60fb52d9c864cb2718b04bf8711c bind97-devel-9.7.0-21.P2.el5_11.2.x86_64.rpm
5e1cd26638a0ad32eb0e77c7bdff74283dc67eaf98d6b43883fecf1cbd8c1e8e bind97-libs-9.7.0-21.P2.el5_11.2.i386.rpm
d8045281af26202376e42d47bed00998946e2005db418c114843da05b728bc05 bind97-libs-9.7.0-21.P2.el5_11.2.x86_64.rpm
93d966dcf44c39c8f07a3b46d74d46ae0cd57fa29d6ffab510fb0a5d1acbe7c8 bind97-utils-9.7.0-21.P2.el5_11.2.x86_64.rpm

Source:
baa5aa7d9bf6f235fdebe677c8e716c4495471bac02acec7f51b66ae7d20bdd0 bind97-9.7.0-21.P2.el5_11.2.src.rpm

x86_64:
9c5c7ecb8477d65dbee21c713bc1682a186491a9b81885e5369fc85cf6db2ca1 bind-9.9.4-18.el7_1.3.x86_64.rpm
62eab23efa33dc6860cebfc4fa472778386c953783327068459cb832852aa470 bind-chroot-9.9.4-18.el7_1.3.x86_64.rpm
4d038f6059f4b05e0eef1d3e54ea0d30384e7184e484c7298c68de4d14a4ba34 bind-devel-9.9.4-18.el7_1.3.i686.rpm
3a6e11021ddadfecd3ae3ad6e44c9967655cbd03cbce5b3e81dec1894780bae6 bind-devel-9.9.4-18.el7_1.3.x86_64.rpm
c373ece790e2529f3712cf6b949a50560811381d1275bd4a8a395a91f1533aec bind-libs-9.9.4-18.el7_1.3.i686.rpm
412969a1cf5a64b6e2b76f61fbd80e0b398710091cc5675c83294ec5ea60a1b9 bind-libs-9.9.4-18.el7_1.3.x86_64.rpm
5ca41fdbb73ea32acfcc9ee32ea8732090165d131970ea6cba1df926f1c3a207 bind-libs-lite-9.9.4-18.el7_1.3.i686.rpm
06fcfad4fe46cf5bb869aeeaf5d2aa39e1252ce2d98164eef25595883ee3741c bind-libs-lite-9.9.4-18.el7_1.3.x86_64.rpm
b4bdecc323c44527ad29102062a902c61e0d49e19f90ec9a3a2c94e83cb33b7b bind-license-9.9.4-18.el7_1.3.noarch.rpm
f3bc495f2f068075712f59bb446ff262771371b9729d946ed58e2d380655326b bind-lite-devel-9.9.4-18.el7_1.3.i686.rpm
ba5e6f001722090f86e6d6f7c5f13a70aaa2fd83d494793da689324c2a7603d1 bind-lite-devel-9.9.4-18.el7_1.3.x86_64.rpm
091830f725b50163e503be86e4973ab95613b3cc9934a2151285305d79e3c4d0 bind-sdb-9.9.4-18.el7_1.3.x86_64.rpm
4b4bb1c576931457478a6f4864fd10c085ec5d612698650d029bb33a95919090 bind-sdb-chroot-9.9.4-18.el7_1.3.x86_64.rpm
0ec01671e720be4e5678b2ee2593668fe98d8b5db83215e94abc10b346bdd2c7 bind-utils-9.9.4-18.el7_1.3.x86_64.rpm

Source:
b0702c059ab0c337a06f36f078a2e036291bcb53fa53f6eea65a2bdc2c66b119 bind-9.9.4-18.el7_1.3.src.rpm

Vendor URL:  kb.isc.org/article/AA-01272 (Links to External Site)
Cause:   Exception handling error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  5, 7

Message History:   This archive entry is a follow-up to the message listed below.
Jul 29 2015 ISC BIND TKEY Query Processing Flaw Lets Remote Users Cause the Target Service to Crash



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC