BIND Security Advisories

BIND: cache incorrectly allows a ncache entry and a rrsig for the same type

Summary: 
Failure to clear existing RRSIG records when a NO DATA is negatively cached could cause subsequent lookups to crash named.
CVE: 
CVE-2010-3613
CERT: 
VU#706148
Posting date: 
01 Dec 2010
Program Impacted: 
BIND
Versions affected: 
9.0.x to 9.7.2-P2, 9.4-ESV to 9.4-ESV-R3, 9.6-ESV to 9.6-ESV-R2
Severity: 
High
Exploitable: 
remotely

BIND: allow-query processed incorrectly

Summary: 
Using "allow-query" in the "options" or "view" statements to restrict access to authoritative zones has no effect.
CVE: 
CVE-2010-3615
CERT: 
VU#510208
Posting date: 
01 Dec 2010
Program Impacted: 
BIND
Versions affected: 
9.7.2-P2
Severity: 
High
Exploitable: 
remotely

BIND: Key algorithm rollover bug in bind9

Summary: 
named (acting as DNSSEC validating resolver) could incorrectly mark zone data as insecure when the zone being queried is undergoing a key algorithm rollover.
CVE: 
CVE-2010-3614
CERT: 
VU#837744
Posting date: 
01 Dec 2010
Program Impacted: 
BIND
Versions affected: 
9.0.x to 9.7.2-P2, 9.4-ESV to 9.4-ESV-R3, 9.6-ESV to 9.6-ESV-R2
Severity: 
Low
Exploitable: 
remotely

BIND: failure to handle bad signatures if multiple trust anchors configured

Summary: 
This notification is not an actual Security Vulnerability, but is included here due to user concerns. ISC's evaluation of this issue according to the CVSS rating system did not determine this issue to need a security release.
CVE: 
CVE-2010-3762
Document Version: 
1
Posting date: 
18 Oct 2010
Program Impacted: 
BIND
Versions affected: 
9.7 - 9.7.2-P2
Severity: 
Minor
Exploitable: 
locally

Unexpected ACL Behavior in BIND 9.7.2

Summary: 
Wrong ACL applied.
CVE: 
CVE-2010-0218
Posting date: 
28 Sep 2010
Program Impacted: 
BIND
Versions affected: 
9.7.2 through 9.7.2-P1
Severity: 
Low
Exploitable: 
remotely