Explore top 10 tips to secure your open-source projects now. Read More
×
Arch Linux Security Advisory ASA-201706-18 ========================================= Severity: Medium Date : 2017-06-15 CVE-ID : CVE-2017-3140 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-301 Summary ====== The package bind before version 9.11.1.P1-1 is vulnerable to denial of service. Resolution ========= Upgrade to 9.11.1.P1-1. # pacman -Syu "bind>=9.11.1.P1-1" The problem has been fixed upstream in version 9.11.1.P1. Workaround ========= None. Description ========== A security issue has been found the Bind named DNS server < 9.11.1P1, leading to a denial of service. A remote attacker can make a vulnerable server configured to use a RPZ containing NSDNAME or NSIPpolicy rules enter an endless loop, querying the same sets of authoritative servers repeatedly, by sending a crafted query. Impact ===== A remote attacker can cause a denial of service of a vulnerable server using NSDNAME or NSIP RPZ policies by sending a crafted query. References ========= https://security.archlinux.org/CVE-2017-3140