You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa bind9

Sigurnosni nedostatak programskog paketa bind9

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3956-2
May 09, 2019

bind9 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM

Summary:

Bind could be made to consume resources if it received specially
crafted network traffic.

Software Description:
– bind9: Internet Domain Name Server

Details:

USN-3956-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

 It was discovered that Bind incorrectly handled limiting the number of
 simultaneous TCP clients. A remote attacker could possibly use this
 issue to cause Bind to consume resources, leading to a denial of
 service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  bind9                           1:9.9.5.dfsg-3ubuntu0.19+esm1

Ubuntu 12.04 ESM:
  bind9                           1:9.8.1.dfsg.P1-4ubuntu0.28

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3956-2
  https://usn.ubuntu.com/usn/usn-3956-1
  CVE-2018-5743—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJc1CH0AAoJEEW851uECx9pCWkP/2kAgJFNHkDGVir7egFNZX3h
6a/sxULwU0mLsmwdum1e0zuAGwU8ev69Uo2OmHBBjou9d8zQQAx4UEO6bOBf7Zhk
J/qoAyzDejidxcpKo4UAEv9JPH+eoizqpVZnwA7kCwf2sftX15TKMWQNmUehJs/8
1XOrhyTXmPcziSo3dwcfzeyMQrdbvuB0+KcYy8qn5h7mcf8sqXTEBmoX4fiIb5b/
lorfQH7ZSZZvyCBJEaTxSshBw6AO4gAZH+QgrkNolZegtELED01QlWlnUEtfnTDb
sLLRZQ0w3wDf17f2Et5lnIkvH2zFmvVrhOPqIMd3l0+DM4kSZnNkeznq/bJzDB7E
RvQQi2nSXqedPyFCZ0SAFoEDNjoyAReMDgIbJwQfWbjYOnNWfldIPsh9+60qqmmf
YsSF/wAuIyc+fhWeogDgkDAD8zL0iETqqfGgItf9yfitXE5jXv6s6jo68eEHrJUk
I+66ABvBU4ytDeMTtXky1H1axM8cRli9WENPvzspCparvMQZruoJn6/ygIBQLUmw
ZjMkVCT/A17/9C5yeqsXApOtXFqiU1asUAbct50UK9v6tvis2sFeNVLoqsDGwK21
yHjhc3tMhx1n5jlYKQGajn/0XzokV42HHDtzzky19QgxNSbsnmItzcBdl8hGcd6j
lEA/pJXr86z9GKaxa0NO
=LCXe
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-05-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa wireshark

Otkriveni su sigurnosni nedostaci u programskom paketu wireshark za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja....

Close