On Wed, Sep 28, 2011 at 4:05 PM, FreeBSD Security Advisories <security-advisories@freebsd.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > FreeBSD-SA-11:03.bind =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= =A0 =A0 =A0 =A0 =A0 =A0 Security Advisory > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0The FreeBSD Project > > Topic: =A0 =A0 =A0 =A0 =A0Remote packet Denial of Service against named(8= ) servers > > Category: =A0 =A0 =A0 contrib > Module: =A0 =A0 =A0 =A0 bind > Announced: =A0 =A0 =A02011-09-28 > Credits: =A0 =A0 =A0 =A0Roy Arends > Affects: =A0 =A0 =A0 =A08.2-STABLE after 2011-05-28 and prior to the corr= ection date > Corrected: =A0 =A0 =A02011-07-06 00:50:54 UTC (RELENG_8, 8.2-STABLE) > CVE Name: =A0 =A0 =A0 CVE-2011-2464 > > Note: This advisory concerns a vulnerability which existed only in > the FreeBSD 8-STABLE branch and was fixed over two months prior to the > date of this advisory. > > For general information regarding FreeBSD Security Advisories, > including descriptions of the fields above, security branches, and the > following sections, please visit <URL:http://security.FreeBSD.org/>. > > I. =A0 Background > > BIND 9 is an implementation of the Domain Name System (DNS) protocols. > The named(8) daemon is an Internet Domain Name Server. > > II. =A0Problem Description > > A logic error in the BIND code causes the BIND daemon to accept bogus > data, which could cause the daemon to crash. > > III. Impact > > An attacker able to send traffic to the BIND daemon can cause it to > crash, resulting in a denial of service. > > IV. =A0Workaround > > No workaround is available, but systems not running the BIND name server > are not affected. > > V. =A0 Solution > > Upgrade your vulnerable system to 8-STABLE dated after the correction > date. > > VI. =A0Correction details > > The following list contains the revision numbers of each file that was > corrected in FreeBSD. > > CVS: > > Branch =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Revision > =A0Path > - -----------------------------------------------------------------------= -- > RELENG_8 > =A0src/contrib/bind9/lib/dns/message.c =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 1.3.2.3 > - -----------------------------------------------------------------------= -- > > Subversion: > > Branch/path > Revision > - -----------------------------------------------------------------------= -- > stable/8/ =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 r223815 > - -----------------------------------------------------------------------= -- > > VII. References > > http://www.isc.org/software/bind/advisories/cve-2011-2464 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2011-2464 > > The latest revision of this advisory is available at > http://security.FreeBSD.org/advisories/FreeBSD-SA-11:03.bind.asc > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.18 (FreeBSD) > > iEYEARECAAYFAk6C4CYACgkQFdaIBMps37LwQgCeIDVGsCWOLoVdmWogOOaPC1UG > 9G8AoJPlRbNmkEWMg7uoOYrvjWlRRdlK > =3DaUvD > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or= g" > Only updating to 8.X for solution? there is no patch for this advisory? Thank You --=20 budsz _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"