SuSE Update For Bind SUSE-SA:2011:029 Network Vulnerability

Impact

remote denial of service

Solution

Please Install the Updated Packages.

Insight

A remote Denial of Service vulnerability has been fixed in the BIND DNS nameserver. Specially crafted packets could cause bind servers (recursive as well as authoritative) to exit. CVE-2011-2464 This issue affected bind 9.6 and later, so SUSE Linux Enterprise 10 SP4, SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 and 11.4 were affected. Older service packs / products are not affected by CVE-2011-2464. Please also note that the other currently published security issue, CVE-2011-2465, affected only BIND versions 9.8.0 and later, which none of our current products include, making all of them not affected by this issue.

Affected

bind on openSUSE 11.3, openSUSE 11.4

References

http://www.suse.com/support/security/advisories/2011_29_bind.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2464, CVE-2011-2465
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

SLES10: Security update for Emacs
SLES10: Security update for icu
SLES10: Security update for expat
SLES10: Security update for opensc
SLES10: Security update for pam_krb5

SuSE Update for bind SUSE-SA:2011:029

Take action and discover your vulnerabilities