Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 2081-1 Security Alert: bind9 Denial of Service Vulnerability

Calendar Jan 13, 2014 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory Ubuntu Denial of Service bind9 network issue
Bind could be made to crash if it received specially crafted network traffic. 
=========================================================================Ubuntu Security Notice USN-2081-1
January 13, 2014

bind9 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
- bind9: Internet Domain Name Server

Details:

Jared Mauch discovered that Bind incorrectly handled certain queries for
NSEC3-signed zones. A remote attacker could use this flaw with a specially
crafted query to cause Bind to stop responding, resulting in a denial of
service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
  bind9                           1:9.9.3.dfsg.P2-4ubuntu1.1

Ubuntu 13.04:
  bind9                           1:9.9.2.dfsg.P1-2ubuntu2.2

Ubuntu 12.10:
  bind9                           1:9.8.1.dfsg.P1-4.2ubuntu3.4

Ubuntu 12.04 LTS:
  bind9                           1:9.8.1.dfsg.P1-4ubuntu0.8

Ubuntu 10.04 LTS:
  bind9                           1:9.7.0.dfsg.P1-1ubuntu0.11

In general, a standard system update will make all the necessary changes.

References:
  
  CVE-2014-0591

Package Information:
  https://launchpad.net/ubuntu/+source/bind9/1:9.9.3.dfsg.P2-4ubuntu1.1
  https://launchpad.net/ubuntu/+source/bind9/1:9.9.2.dfsg.P1-2ubuntu2.2
  https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4.2ubuntu3.4
  https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.8
  https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.11

Ubuntu 2081-1 Security Alert: bind9 Denial of Service Vulnerability

ubuntu
Calendar Grey January 13, 2014
Dist Ubuntu Esm H88
Issue found in Bind on Ubuntu. Immediate update required to avert failure stemming from maliciously designed network packets.
Bind could be made to crash if it received specially crafted network traffic.

Summary

Topics%20covered

Topics Covered

security advisory Ubuntu Denial of Service bind9 network issue

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 13.10: bind9 1:9.9.3.dfsg.P2-4ubuntu1.1 Ubuntu 13.04: bind9 1:9.9.2.dfsg.P1-2ubuntu2.2 Ubuntu 12.10: bind9 1:9.8.1.dfsg.P1-4.2ubuntu3.4 Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.8 Ubuntu 10.04 LTS: bind9 1:9.7.0.dfsg.P1-1ubuntu0.11 In general, a standard system update will make all the necessary changes.

References

CVE-2014-0591

Severity
important
Lowest
Low
Medium
High
Critical

January 13, 2014

Topics%20covered

Topics Covered

security advisory Ubuntu Denial of Service bind9 network issue

Package Information

https://launchpad.net/ubuntu/+source/bind9/1:9.9.3.dfsg.P2-4ubuntu1.1 https://launchpad.net/ubuntu/+source/bind9/1:9.9.2.dfsg.P1-2ubuntu2.2 https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4.2ubuntu3.4 https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.8 https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here