Details of VAR-201207-0279

ID

VAR-201207-0279

CVE

CVE-2012-3817

TITLE

ISC BIND Service disruption in ( Violation of representation and Daemon Exit) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-003305

DESCRIPTION

ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. Juniper Networks Juniper Junos is a network operating system dedicated to the company's hardware systems by Juniper Networks. The operating system provides a secure programming interface and the Junos SDK. A remote denial of service vulnerability exists in Juniper Networks Junos. Attackers can use this vulnerability to exhaust session resources and deny legitimate users. The verification of md5 checksums and GPG signatures is performed automatically for you. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded. IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to 9.8.4_P1 since the 9.7 series is no longer supported. It is possible that some changes may be required to your local configuration. This release addresses some denial-of-service and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i486-1_slack12.2.tgz Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1-x86_64-1_slack14.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 12.1 package: 2df945fd92d480df98711992180cdd70 bind-9.8.4_P1-i486-1_slack12.1.tgz Slackware 12.2 package: ddf762702befde00ab86cda1a5766bbd bind-9.8.4_P1-i486-1_slack12.2.tgz Slackware 13.0 package: b6c9a8f1262bd39db2dd77034f58e568 bind-9.8.4_P1-i486-1_slack13.0.txz Slackware x86_64 13.0 package: b35c20ad9778035c7e04ef2944375608 bind-9.8.4_P1-x86_64-1_slack13.0.txz Slackware 13.1 package: a6b061aeb84003ea7b6ddcc157e0db65 bind-9.8.4_P1-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 54ee26b4924ab502eedfd024d83db20e bind-9.8.4_P1-x86_64-1_slack13.1.txz Slackware 13.37 package: 04d40ede0a96160e79767bf995469773 bind-9.8.4_P1-i486-1_slack13.37.txz Slackware x86_64 13.37 package: f4635df06e3c0f62f035d00e15b0f5fb bind-9.8.4_P1-x86_64-1_slack13.37.txz Slackware 14.0 package: 66612ea03941fc8ef5ef21409ecc6fe3 bind-9.9.2_P1-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 6f664fe7e955c0dbe806a63ad9212c00 bind-9.9.2_P1-x86_64-1_slack14.0.txz Slackware -current package: 83bc10ca67bede66bf742a7d0ab6e628 n/bind-9.9.2_P1-i486-1.txz Slackware x86_64 -current package: 4a539dd88ef3637eee56693c037a3dc8 n/bind-9.9.2_P1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz Then, restart the name server: # /etc/rc.d/rc.bind restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. ---------------------------------------------------------------------- We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi ---------------------------------------------------------------------- TITLE: ISC BIND Bad Cache Assertion Failure and TCP Query Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA50020 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50020/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50020 RELEASE DATE: 2012-07-25 DISCUSS ADVISORY: http://secunia.com/advisories/50020/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50020/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50020 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). Successful exploitation of this vulnerability requires that DNSSEC validation is enabled. This vulnerability is reported in versions 9.6-ESV-R1 through 9.6-ESV-R7-P1, 9.7.1 through 9.7.6-P1, 9.8.0 through 9.8.3-P1, and 9.9.0 through 9.9.1-P1. 2) A memory leak error when processing TCP queries can be exploited to increase the number of misplaced ns_client objects and trigger an out-of-memory condition. This vulnerability is reported in versions 9.9.0 through 9.9.1-P1. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Einar Lonn, IIS.se 2) Kevin Sheehan, Infoblox, Inc. and Anand Buddhdev, RIPE NCC. ORIGINAL ADVISORY: https://www.isc.org/software/aftr/advisories/cve-2012-3817 https://www.isc.org/software/bind/advisories/cve-2012-3868 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For the stable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze6. For the testing distribution (wheezy), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 1:9.8.1.dfsg.P1-4.2. We recommend that you upgrade your bind9 packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2012:1123-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1123.html Issue date: 2012-07-31 CVE Names: CVE-2012-3817 ===================================================================== 1. Summary: Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. An uninitialized data structure use flaw was found in BIND when DNSSEC validation was enabled. (CVE-2012-3817) Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 842897 - CVE-2012-3817 bind: heavy DNSSEC validation load can cause assertion failure 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm i386: bind-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-sdb-9.3.6-20.P1.el5_8.2.i386.rpm bind-utils-9.3.6-20.P1.el5_8.2.i386.rpm x86_64: bind-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-utils-9.3.6-20.P1.el5_8.2.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm i386: bind-chroot-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.i386.rpm x86_64: bind-chroot-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind-9.3.6-20.P1.el5_8.2.src.rpm i386: bind-9.3.6-20.P1.el5_8.2.i386.rpm bind-chroot-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-sdb-9.3.6-20.P1.el5_8.2.i386.rpm bind-utils-9.3.6-20.P1.el5_8.2.i386.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.i386.rpm ia64: bind-9.3.6-20.P1.el5_8.2.ia64.rpm bind-chroot-9.3.6-20.P1.el5_8.2.ia64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.ia64.rpm bind-devel-9.3.6-20.P1.el5_8.2.ia64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.ia64.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.ia64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.ia64.rpm bind-utils-9.3.6-20.P1.el5_8.2.ia64.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.ia64.rpm ppc: bind-9.3.6-20.P1.el5_8.2.ppc.rpm bind-chroot-9.3.6-20.P1.el5_8.2.ppc.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.ppc.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-devel-9.3.6-20.P1.el5_8.2.ppc.rpm bind-devel-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.ppc.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-libs-9.3.6-20.P1.el5_8.2.ppc.rpm bind-libs-9.3.6-20.P1.el5_8.2.ppc64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.ppc.rpm bind-utils-9.3.6-20.P1.el5_8.2.ppc.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.ppc.rpm s390x: bind-9.3.6-20.P1.el5_8.2.s390x.rpm bind-chroot-9.3.6-20.P1.el5_8.2.s390x.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.s390.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.s390x.rpm bind-devel-9.3.6-20.P1.el5_8.2.s390.rpm bind-devel-9.3.6-20.P1.el5_8.2.s390x.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.s390.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.s390x.rpm bind-libs-9.3.6-20.P1.el5_8.2.s390.rpm bind-libs-9.3.6-20.P1.el5_8.2.s390x.rpm bind-sdb-9.3.6-20.P1.el5_8.2.s390x.rpm bind-utils-9.3.6-20.P1.el5_8.2.s390x.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.s390x.rpm x86_64: bind-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-chroot-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.i386.rpm bind-debuginfo-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.i386.rpm bind-libbind-devel-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-libs-9.3.6-20.P1.el5_8.2.i386.rpm bind-libs-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-sdb-9.3.6-20.P1.el5_8.2.x86_64.rpm bind-utils-9.3.6-20.P1.el5_8.2.x86_64.rpm caching-nameserver-9.3.6-20.P1.el5_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm i386: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm i386: bind-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm i386: bind-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm ppc64: bind-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm s390x: bind-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.s390x.rpm x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm i386: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm ppc64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.ppc.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.s390.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.s390x.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm i386: bind-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm x86_64: bind-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-chroot-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-libs-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-utils-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/bind-9.8.2-0.10.rc1.el6_3.2.src.rpm i386: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-debuginfo-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpm bind-devel-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm bind-sdb-9.8.2-0.10.rc1.el6_3.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-3817.html https://access.redhat.com/security/updates/classification/#important http://www.isc.org/software/bind/advisories/cve-2012-3817 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQF1jgXlSAg2UNWIIRAhfLAKC7IA3Vlbw8YTJSpY/DfKn7S81tIgCgq/b2 7PGAy2HFq2b2y+ASSTx67k0= =uM7c -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: BIND: Multiple vulnerabilities Date: September 24, 2012 Bugs: #402661, #419637, #427966, #434876 ID: 201209-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in BIND, the worst of which may allow remote Denial of Service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/bind < 9.9.1_p3 >= 9.9.1_p3 Description =========== Multiple vulnerabilities have been discovered in BIND: * Domain names are not properly revoked due to an error in the cache update policy (CVE-2012-1033). * BIND accepts records with zero-length RDATA fields (CVE-2012-1667). * A memory leak may occur under high TCP query loads (CVE-2012-3868). * An assertion error can occur when a query is performed for a record with RDATA greater than 65535 bytes (CVE-2012-4244). Impact ====== A remote attacker may be able to cause a Denial of Service condition or keep domain names resolvable after it has been deleted from registration. Workaround ========== There is no known workaround at this time. Resolution ========== All BIND users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.9.1_p3" References ========== [ 1 ] CVE-2012-1033 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1033 [ 2 ] CVE-2012-1667 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1667 [ 3 ] CVE-2012-3817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3817 [ 4 ] CVE-2012-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3868 [ 5 ] CVE-2012-4244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4244 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201209-04.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24. CVE-ID CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558 Bind Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in BIND Description: Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems. CVE-ID CVE-2012-3817 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2013-2266 Certificate Trust Policy Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Root certificates have been updated Description: Several certificates were added to or removed from the list of system roots. The complete list of recognized system roots may be viewed via the Keychain Access application. ClamAV Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5 Impact: Multiple vulnerabilities in ClamAV Description: Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.97.8. CVE-ID CVE-2013-2020 CVE-2013-2021 CoreGraphics Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team ImageIO Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team Installer Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Packages could be opened after certificate revocation Description: When Installer encountered a revoked certificate, it would present a dialog with an option to continue. The issue was addressed by removing the dialog and refusing any revoked package. CVE-ID CVE-2013-1027 IPSec Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: An attacker may intercept data protected with IPSec Hybrid Auth Description: The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by properly checking the certificate. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de Kernel Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A local network user may cause a denial of service Description: An incorrect check in the IGMP packet parsing code in the kernel allowed a user who could send IGMP packets to the system to cause a kernel panic. The issue was addressed by removing the check. CVE-ID CVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC. Mobile Device Management Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Passwords may be disclosed to other local users Description: A password was passed on the command-line to mdmclient, which made it visible to other users on the same system. The issue was addressed by communicating the password through a pipe. CVE-ID CVE-2013-1030 : Per Olofsson at the University of Gothenburg OpenSSL Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to disclosure of user data. These issues were addressed by updating OpenSSL to version 0.9.8y. CVE-ID CVE-2012-2686 CVE-2013-0166 CVE-2013-0169 PHP Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26. CVE-ID CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 CVE-2013-2110 PostgreSQL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PostgreSQL Description: Multiple vulnerabilities exist in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.0.13. CVE-ID CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1902 CVE-2013-1903 Power Management Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: The screen saver may not start after the specified time period Description: A power assertion lock issue existed. This issue was addressed through improved lock handling. CVE-ID CVE-2013-1031 QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of 'idsc' atoms in QuickTime movie files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1032 : Jason Kratzer working with iDefense VCP Screen Lock Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A user with screen sharing access may be able to bypass the screen lock when another user is logged in Description: A session management issue existed in the screen lock's handling of screen sharing sessions. This issue was addressed through improved session tracking. CVE-ID CVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq Note: OS X Mountain Lion v10.8.5 also addresses an issue where certain Unicode strings could cause applications to unexpectedly terminate. OS X Mountain Lion v10.8.5 and Security Update 2013-004 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The Software Update utility will present the update that applies to your system configuration. Only one is needed, either OS X Mountain Lion v10.8.5, or Security Update 2013-004. For OS X Mountain Lion v10.8.4 The download file is named: OSXUpd10.8.5.dmg Its SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11 For OS X Mountain Lion v10.8 and v10.8.3 The download file is named: OSXUpdCombo10.8.5.dmg Its SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2 For OS X Lion v10.7.5 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0 For OS X Lion Server v10.7.5 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355 For Mac OS X v10.6.8 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61 For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4 QxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc +WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ bZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN 1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3 H9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ hDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ 8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa V2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl ytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I yoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn vBrJ5gm+nnyRe2TUMAwz =h9hc -----END PGP SIGNATURE-----

Trust: 3.15

sources: NVD: CVE-2012-3817 // JVNDB: JVNDB-2012-003305 // CNNVD: CNNVD-201305-411 // BID: 60012 // VULMON: CVE-2012-3817 // PACKETSTORM: 115104 // PACKETSTORM: 118736 // PACKETSTORM: 115001 // PACKETSTORM: 115117 // PACKETSTORM: 115129 // PACKETSTORM: 116801 // PACKETSTORM: 123228

AFFECTED PRODUCTS

vendor:	isc	model:	bind	scope:	eq	version:	9.9.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.9.0	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.5	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.6	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.5	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.4	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.3-p2	Trust: 0.8
vendor:	isc	model:	bind	scope:	lt	version:	9.9.x	Trust: 0.8
vendor:	isc	model:	bind	scope:	lt	version:	9.7.x	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.8 to v10.8.4	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.4.x	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	3.5	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	4.0	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.6.x	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.5.x	Trust: 0.8
vendor:	isc	model:	bind	scope:	lt	version:	9.8.x	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.7.5	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.7.5	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.9.1-p2	Trust: 0.8
vendor:	vmware	model:	esx	scope:	eq	version:	4.1	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.6-esv-r7-p2	Trust: 0.8
vendor:	isc	model:	bind	scope:	lt	version:	9.6-esv	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.7.6-p2	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.6-esv	Trust: 0.6
vendor:	isc	model:	bind	scope:	eq	version:	9.6-esv-r4	Trust: 0.6
vendor:	isc	model:	bind	scope:	eq	version:	9.6-esv-r6	Trust: 0.6
vendor:	isc	model:	bind	scope:	eq	version:	9.6-esv-r5	Trust: 0.6
vendor:	isc	model:	bind	scope:	eq	version:	9.6-esv-r3	Trust: 0.6
vendor:	juniper	model:	networks junos	scope:	eq	version:	8.0	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	6.4	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	6.3	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	6.2	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	6.1	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.7	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.6	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.5	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.4	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.3	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.2	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.1	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	5.0	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	9.6	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	9.5	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	9.4	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	9.2	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	9.1	Trust: 0.3
vendor:	juniper	model:	networks junos r1.1	scope:	eq	version:	9.0	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	juniper	model:	networks junos 8.5.r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos r1.14	scope:	eq	version:	8.5	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	8.4	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	8.3	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	8.2	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	8.1	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	7.3	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	6.0	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	4.4	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	4.3	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	4.2	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	4.1	Trust: 0.3
vendor:	juniper	model:	networks junos 11.2r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos 11.1r4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	11.1	Trust: 0.3
vendor:	juniper	model:	networks junos 10.4r6	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	10.4	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	10.3	Trust: 0.3
vendor:	juniper	model:	networks junos 10.2r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos 10.2r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	10.2	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	10.1	Trust: 0.3
vendor:	juniper	model:	networks junos 10.0s18	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	networks junos	scope:	eq	version:	10.0	Trust: 0.3

sources: BID: 60012 // JVNDB: JVNDB-2012-003305 // CNNVD: CNNVD-201207-437 // NVD: CVE-2012-3817

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3817
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3817
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201207-437
value:	HIGH
Trust: 0.6
VULMON:	CVE-2012-3817
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3817
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: VULMON: CVE-2012-3817 // JVNDB: JVNDB-2012-003305 // CNNVD: CNNVD-201207-437 // NVD: CVE-2012-3817

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2012-003305 // NVD: CVE-2012-3817

THREAT TYPE

remote

Trust: 1.4

sources: PACKETSTORM: 115129 // PACKETSTORM: 116801 // CNNVD: CNNVD-201305-411 // CNNVD: CNNVD-201207-437

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201207-437

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003305

PATCH

title:	APPLE-SA-2013-09-12-1	url:	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	Trust: 0.8
title:	HT5880	url:	http://support.apple.com/kb/HT5880	Trust: 0.8
title:	HT5880	url:	http://support.apple.com/kb/HT5880?viewlocale=ja_JP	Trust: 0.8
title:	CVE-2012-3817: Heavy DNSSEC Validation Load Can Cause a "Bad Cache" Assertion Failure in BIND9	url:	https://kb.isc.org/article/AA-00729	Trust: 0.8
title:	CVE-2012-3817 [JP]: 高負荷のDNSSEC検証によってBIND9に"Bad Cache"表明違反が発生する	url:	https://kb.isc.org/article/AA-00752	Trust: 0.8
title:	openSUSE-SU-2012:0971	url:	http://lists.opensuse.org/opensuse-updates/2012-08/msg00015.html	Trust: 0.8
title:	openSUSE-SU-2012:0969	url:	http://lists.opensuse.org/opensuse-updates/2012-08/msg00013.html	Trust: 0.8
title:	RHSA-2012:1123	url:	http://rhn.redhat.com/errata/RHSA-2012-1123.html	Trust: 0.8
title:	RHSA-2012:1122	url:	http://rhn.redhat.com/errata/RHSA-2012-1122.html	Trust: 0.8
title:	CVE-2012-3817 Denial of Service (DoS) vulnerability in Bind	url:	http://blogs.oracle.com/sunsecurity/entry/cve_2012_3817_denial_of	Trust: 0.8
title:	USN-1518-1	url:	http://www.ubuntu.com/usn/USN-1518-1/	Trust: 0.8
title:	VMSA-2012-0016	url:	http://www.vmware.com/security/advisories/VMSA-2012-0016.html	Trust: 0.8
title:	Red Hat: Important: bind security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121123 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: bind97 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121122 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: CVE-2012-3817	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=ffc06743cfe6b573156e9ecf408f4609	Trust: 0.1
title:	Ubuntu Security Notice: bind9 vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1518-1	Trust: 0.1
title:	Debian Security Advisories: DSA-2517-1 bind9 -- denial of service	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=39443ec661376e47ee641d00e5e9b897	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2012-113	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-113	Trust: 0.1
title:	-	url:	https://github.com/DButter/whitehat_public	Trust: 0.1

sources: VULMON: CVE-2012-3817 // JVNDB: JVNDB-2012-003305

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3817	Trust: 3.2
db:	ISC	id:	AA-00729	Trust: 1.8
db:	SECTRACK	id:	1027296	Trust: 1.1
db:	SECUNIA	id:	51096	Trust: 1.1
db:	BID	id:	60012	Trust: 0.9
db:	JVNDB	id:	JVNDB-2012-003305	Trust: 0.8
db:	SECUNIA	id:	50020	Trust: 0.8
db:	BID	id:	54658	Trust: 0.7
db:	CNNVD	id:	CNNVD-201305-411	Trust: 0.6
db:	NSFOCUS	id:	20299	Trust: 0.6
db:	NSFOCUS	id:	20142	Trust: 0.6
db:	CNNVD	id:	CNNVD-201207-437	Trust: 0.6
db:	JUNIPER	id:	JSA10564	Trust: 0.3
db:	JUNIPER	id:	JSA10562	Trust: 0.3
db:	VULMON	id:	CVE-2012-3817	Trust: 0.1
db:	PACKETSTORM	id:	115104	Trust: 0.1
db:	PACKETSTORM	id:	118736	Trust: 0.1
db:	PACKETSTORM	id:	115001	Trust: 0.1
db:	PACKETSTORM	id:	115117	Trust: 0.1
db:	PACKETSTORM	id:	115129	Trust: 0.1
db:	PACKETSTORM	id:	116801	Trust: 0.1
db:	PACKETSTORM	id:	123228	Trust: 0.1

sources: VULMON: CVE-2012-3817 // BID: 60012 // JVNDB: JVNDB-2012-003305 // PACKETSTORM: 115104 // PACKETSTORM: 118736 // PACKETSTORM: 115001 // PACKETSTORM: 115117 // PACKETSTORM: 115129 // PACKETSTORM: 116801 // PACKETSTORM: 123228 // CNNVD: CNNVD-201305-411 // CNNVD: CNNVD-201207-437 // NVD: CVE-2012-3817

REFERENCES

url:	https://kb.isc.org/article/aa-00729	Trust: 1.8
url:	http://rhn.redhat.com/errata/rhsa-2012-1123.html	Trust: 1.2
url:	http://www.ubuntu.com/usn/usn-1518-1	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2012-1122.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-updates/2012-08/msg00013.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-updates/2012-08/msg00015.html	Trust: 1.1
url:	http://www.debian.org/security/2012/dsa-2517	Trust: 1.1
url:	http://www.securitytracker.com/id?1027296	Trust: 1.1
url:	http://secunia.com/advisories/51096	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html	Trust: 1.1
url:	http://support.apple.com/kb/ht5880	Trust: 1.1
url:	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3817	Trust: 1.0
url:	http://jprs.jp/tech/security/2012-07-25-bind9-vuln-heavy-dnssec-validation-load.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3817	Trust: 0.8
url:	http://www.securityfocus.com/bid/54658	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3817	Trust: 0.6
url:	http://www.securityfocus.com/bid/60012	Trust: 0.6
url:	http://secunia.com/advisories/50020	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20299	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20142	Trust: 0.6
url:	http://www.juniper.net/	Trust: 0.3
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10564	Trust: 0.3
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10562	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2012-5688	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1667	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-5166	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3868	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4244	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2012:1123	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://usn.ubuntu.com/1518-1/	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=26477	Trust: 0.1
url:	http://www.mandriva.com/security/	Trust: 0.1
url:	http://www.mandriva.com/security/advisories	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5166	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3868	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5688	Trust: 0.1
url:	http://slackware.com	Trust: 0.1
url:	http://osuosl.org)	Trust: 0.1
url:	http://slackware.com/gpg-key	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1667	Trust: 0.1
url:	http://secunia.com/advisories/50020/	Trust: 0.1
url:	https://www.isc.org/software/bind/advisories/cve-2012-3868	Trust: 0.1
url:	http://secunia.com/psi	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50020	Trust: 0.1
url:	http://secunia.com/advisories/50020/#comments	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	https://www.isc.org/software/aftr/advisories/cve-2012-3817	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.1
url:	https://access.redhat.com/security/team/contact/	Trust: 0.1
url:	https://www.redhat.com/security/data/cve/cve-2012-3817.html	Trust: 0.1
url:	https://access.redhat.com/security/team/key/#package	Trust: 0.1
url:	http://bugzilla.redhat.com/):	Trust: 0.1
url:	http://www.isc.org/software/bind/advisories/cve-2012-3817	Trust: 0.1
url:	https://access.redhat.com/knowledge/articles/11258	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201209-04.xml	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1667	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3868	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3817	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1033	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4244	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1033	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3499	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1899	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4558	Trust: 0.1
url:	http://support.apple.com/kb/ht1222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1635	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1025	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0169	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1029	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1643	Trust: 0.1
url:	http://www.apple.com/support/downloads/	Trust: 0.1
url:	https://www.traud.de	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2687	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1901	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1026	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1824	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1027	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1031	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1902	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1032	Trust: 0.1
url:	http://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1030	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2686	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1028	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0883	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1900	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0166	Trust: 0.1

CREDITS

Einar Lonn

Trust: 0.6

sources: CNNVD: CNNVD-201207-437

SOURCES

db:	VULMON	id:	CVE-2012-3817
db:	BID	id:	60012
db:	JVNDB	id:	JVNDB-2012-003305
db:	PACKETSTORM	id:	115104
db:	PACKETSTORM	id:	118736
db:	PACKETSTORM	id:	115001
db:	PACKETSTORM	id:	115117
db:	PACKETSTORM	id:	115129
db:	PACKETSTORM	id:	116801
db:	PACKETSTORM	id:	123228
db:	CNNVD	id:	CNNVD-201305-411
db:	CNNVD	id:	CNNVD-201207-437
db:	NVD	id:	CVE-2012-3817

LAST UPDATE DATE

2024-11-11T21:51:16.110000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2012-3817	date:	2018-10-30T00:00:00
db:	BID	id:	60012	date:	2013-05-20T00:00:00
db:	JVNDB	id:	JVNDB-2012-003305	date:	2013-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201305-411	date:	2013-05-21T00:00:00
db:	CNNVD	id:	CNNVD-201207-437	date:	2012-07-26T00:00:00
db:	NVD	id:	CVE-2012-3817	date:	2018-10-30T16:27:02.467

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2012-3817	date:	2012-07-25T00:00:00
db:	BID	id:	60012	date:	2013-05-20T00:00:00
db:	JVNDB	id:	JVNDB-2012-003305	date:	2012-07-26T00:00:00
db:	PACKETSTORM	id:	115104	date:	2012-07-30T19:20:53
db:	PACKETSTORM	id:	118736	date:	2012-12-10T23:33:33
db:	PACKETSTORM	id:	115001	date:	2012-07-25T04:55:44
db:	PACKETSTORM	id:	115117	date:	2012-07-31T01:46:22
db:	PACKETSTORM	id:	115129	date:	2012-07-31T05:07:20
db:	PACKETSTORM	id:	116801	date:	2012-09-24T15:03:03
db:	PACKETSTORM	id:	123228	date:	2013-09-13T19:32:22
db:	CNNVD	id:	CNNVD-201305-411	date:	2013-05-21T00:00:00
db:	CNNVD	id:	CNNVD-201207-437	date:	2012-07-26T00:00:00
db:	NVD	id:	CVE-2012-3817	date:	2012-07-25T10:42:35.803