Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 597
Alerts This Week
Warning Icon 1 597

Ubuntu 16.04/16.10: USN-3201-1 Moderate: Bind9 DoS Vulnerability

ubuntu
Calendar Grey February 16, 2017
Dist Ubuntu Esm H88
Debian USN-3253-1 tackles vulnerable Samba components that may be exploited by malicious requests, leading to potential data exposure.
Bind could be made to crash if it received specially crafted network traffic.

Summary

Bind could be made to crash if it received specially crafted network

traffic.

Software Description:

- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled rewriting certain query

responses when using both DNS64 and RPZ. A remote attacker could possibly

use this issue to cause Bind to crash, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  bind9                           1:9.10.3.dfsg.P4-10.1ubuntu1.3

Ubuntu 16.04 LTS:
  bind9                           1:9.10.3.dfsg.P4-8ubuntu1.5

Ubuntu 14.04 LTS:
  bind9                           1:9.9.5.dfsg-3ubuntu0.13

Ubuntu 12.04 LTS:
  bind9                           1:9.8.1.dfsg.P1-4ubuntu0.21

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3201-1

CVE-2017-3135

February 16, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.