SecurityTracker.com
Category:   Application (Generic)  >   BIND
Vendors:   ISC (Internet Software Consortium)
(CentOS Issues Fix) BIND Multiple Flaws Let Remote Users Cause the Target named Service to Stop Processing
SecurityTracker Alert ID:  1037606
SecurityTracker URL:  http://securitytracker.com/id/1037606
CVE Reference:   CVE-2016-9147
Date:  Jan 17 2017
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 9.4.0 - 9.6-ESV-R11-W1, 9.8.5 - 9.8.8, 9.9.3 - 9.9.9-P4, 9.9.9-S1 - 9.9.9-S6, 9.10.0 - 9.10.4-P4, 9.11.0 - 9.11.0-P1
Description:   Several vulnerabilities were reported in BIND. A remote user can cause the target service to crash.

A remote user can return a specially crafted query response to the target recursive server in response to an RTYPE ANY query to cause the target 'named' service to stop processing [CVE-2016-9131].

A remote user can return a specially crafted query response that contains DNSSEC-related RRsets that are inconsistent with other RRsets in the same query response to trigger an assertion failure and cause the target 'named' service to stop processing [CVE-2016-9147]. Versions 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 are affected.

A remote user can return a specially crafted query response that contains a DS resource record to trigger an assertion failure and cause the target 'named' service to stop processing [CVE-2016-9444].

A remote user can send a specially crafted query to the target system that uses the nxdomain-redirect feature to cover a zone for which it provides authoritative service to cause the target 'named' service to stop processing [CVE-2016-9778].

Impact:   A remote user can cause the target 'named' service to stop processing.
Solution:   CentOS has issued a fix for CVE-2016-9147.

Cause:   State error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  5, 6

Message History:   This archive entry is a follow-up to the message listed below.
Jan 12 2017 BIND Multiple Flaws Let Remote Users Cause the Target named Service to Stop Processing



 Source Message Contents

Subject:  [CentOS-announce] CESA-2017:0063 Important CentOS 5 bind Security Update


CentOS Errata and Security Advisory 2017:0063 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0063.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: JohnnyCentOS
