Sign-up

ID

VAR-201502-0366


CVE

CVE-2015-1349


TITLE

ISC BIND 9 Service operation interruption (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-001534

DESCRIPTION

named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. ISC BIND 9 Under certain conditions in the management of trust anchors named Service termination (DoS) Vulnerabilities exist. ISC The advisory states that: CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash https://kb.isc.org/article/AA-01235/ "BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor: *a key which was previously trusted is now flagged as revoked; *there are no other trusted keys available; *there is a standby key, but it is not trusted yet This situation results in termination of the named process and denial of service to clients, and can occur in two circumstances: *during an improperly-managed key rollover for one of the managed trust anchors (e.g., during a botched root key rollover), or *when deliberately triggered by an attacker, under specific and limited circumstances. ISC has demonstrated a proof-of-concept of this attack; however, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted"Service disruption by a remote third party (DoS) There is a possibility of being attacked. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: bind security update Advisory ID: RHSA-2015:0672-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html Issue date: 2015-03-10 CVE Names: CVE-2015-1349 ===================================================================== 1. Summary: Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. (CVE-2015-1349) Red Hat would like to thank ISC for reporting this issue. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm ppc64: bind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm s390x: bind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm ppc64: bind-9.9.4-18.el7_1.1.ppc64.rpm bind-chroot-9.9.4-18.el7_1.1.ppc64.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-9.9.4-18.el7_1.1.ppc.rpm bind-libs-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm bind-utils-9.9.4-18.el7_1.1.ppc64.rpm s390x: bind-9.9.4-18.el7_1.1.s390x.rpm bind-chroot-9.9.4-18.el7_1.1.s390x.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-libs-9.9.4-18.el7_1.1.s390.rpm bind-libs-9.9.4-18.el7_1.1.s390x.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm bind-utils-9.9.4-18.el7_1.1.s390x.rpm x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-18.ael7b_1.1.src.rpm noarch: bind-license-9.9.4-18.ael7b_1.1.noarch.rpm ppc64le: bind-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-devel-9.9.4-18.el7_1.1.ppc.rpm bind-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm s390x: bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-devel-9.9.4-18.el7_1.1.s390.rpm bind-devel-9.9.4-18.el7_1.1.s390x.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-1349 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW 7ZfcyFEskWi6YX7JcLMs9Fg= =dWCz -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . This can lead to resource exhaustion and denial of service (up to and including termination of the named server process) (CVE-2014-8500). Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator&#039;s part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives &quot;dnssec-lookaside auto;&quot; (as enabled in the Mandriva default configuration) or &quot;dnssec-validation auto;&quot; (CVE-2015-1349). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 http://advisories.mageia.org/MGASA-2014-0524.html http://advisories.mageia.org/MGASA-2015-0082.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 2/X86_64: a2cf83873b09b47275d0030063a236c8 mbs2/x86_64/bind-9.10.1.P2-7.mbs2.x86_64.rpm 83d97de0884ef84b933cb06bfbbce24a mbs2/x86_64/bind-devel-9.10.1.P2-7.mbs2.x86_64.rpm 633a8a160c3be4dda5f134550288df8f mbs2/x86_64/bind-doc-9.10.1.P2-7.mbs2.noarch.rpm 40760cee0f0c97261b80d159ab60cb32 mbs2/x86_64/bind-sdb-9.10.1.P2-7.mbs2.x86_64.rpm ec17a87a3d0e50c4a1c33c84adc0c08b mbs2/x86_64/bind-utils-9.10.1.P2-7.mbs2.x86_64.rpm 95f44b351208cfcbf15108dc707b0f21 mbs2/SRPMS/bind-9.10.1.P2-7.mbs2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-09-16-4 OS X Server 5.0.3 OS X Server 5.0.3 is now available and addresses the following: apache Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 BIND Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in BIND, the most severe of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in BIND versions prior to 9.9.7. These issues were addressed by updating BIND to version 9.9.7. CVE-ID CVE-2014-8500 CVE-2015-1349 PostgreSQL Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 Wiki Server Available for: OS X Yosemite v10.10.4 or later Impact: Multiple XML security issues in Wiki Server Description: Multiple XML vulnerabilities existed in Wiki Server based on Twisted. This issue was addressed by removing Twisted. CVE-ID CVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research Center OS X Server 5.0.3 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:05.bind Security Advisory The FreeBSD Project Topic: BIND remote denial of service vulnerability Category: contrib Module: bind Announced: 2015-02-25 Credits: ISC Affects: FreeBSD 8.x and FreeBSD 9.x. Corrected: 2015-02-18 22:20:19 UTC (stable/9, 9.3-STABLE) 2015-02-25 05:56:54 UTC (releng/9.3, 9.3-RELEASE-p10) 2015-02-18 22:29:52 UTC (stable/8, 8.4-STABLE) 2015-02-25 05:56:54 UTC (releng/8.4, 8.4-RELEASE-p24) CVE Name: CVE-2015-1349 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. II. Problem Description BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable. III. IV. Workaround Only systems that runs BIND, including recursive resolvers and authoritative servers that performs DNSSEC validation and using managed-keys are affected. This issue can be worked around by not using "auto" for the dnssec-validation or dnssec-lookaside options and do not configure a managed-keys statement. Note that in order to do DNSSEC validation with this workaround one would have to configure an explicit trusted-keys statement with the appropriate keys. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch # fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch.asc # gpg --verify bind.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. Restart the applicable daemons, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r278973 releng/8.4/ r279265 stable/9/ r278972 releng/9.3/ r279265 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. ============================================================================ Ubuntu Security Notice USN-2503-1 February 18, 2015 bind9 vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Bind could be made to crash if it received specially crafted network traffic. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: bind9 1:9.9.5.dfsg-4.3ubuntu0.2 Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.2 Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.10 In general, a standard system update will make all the necessary changes

Trust: 2.43

sources: NVD: CVE-2015-1349 // JVNDB: JVNDB-2015-001534 // BID: 72673 // PACKETSTORM: 130646 // PACKETSTORM: 130758 // PACKETSTORM: 131222 // PACKETSTORM: 133619 // PACKETSTORM: 130558 // PACKETSTORM: 130446

AFFECTED PRODUCTS

vendor:iscmodel:bindscope:eqversion:9.8.3

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.8.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.6

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.9.0

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.8.0

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.1

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.7.0

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.7.5

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.7

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.10.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.3

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.10.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.5

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.3

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.4

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.1

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.5

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.6

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.4

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.10.1

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.7

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.6

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.4

Trust: 1.0

vendor:iscmodel:bindscope:lteversion:9.7.0 from 9.10.1-p1

Trust: 0.8

vendor:applemodel:macos serverscope:ltversion:5.0.3 (os x yosemite v10.10.5 or later )

Trust: 0.8

vendor:iscmodel:bindscope:eqversion:9.7.0b1

Trust: 0.6

vendor:ubuntumodel:linuxscope:eqversion:14.10

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:susemodel:opensuse evergreenscope:eqversion:11.4

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.37

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.1

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.0

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server eus 6.6.zscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.3

vendor:junipermodel:northstar controller applicationscope:eqversion:2.1.0

Trust: 0.3

vendor:iscmodel:bind 9.7.1-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind p1scope:eqversion:9.7.1

Trust: 0.3

vendor:iscmodel:bind p2scope:eqversion:9.7.0

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.2

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p9scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p5scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc3-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc2-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rcscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta3-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta1-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.3

Trust: 0.3

vendor:freebsdmodel:9.2-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p9scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p5scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p16scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p13scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p12scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc3-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc2-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:rc2scope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:rc1scope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:prereleasescope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:9.1-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p23scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p22scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p20scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p19scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p18scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p17scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p16scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p12scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1--relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:release-p5scope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:release-p4scope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:9.0-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-rc3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0--relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.0

Trust: 0.3

vendor:freebsdmodel:8.4-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p9scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p23scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p20scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p19scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p17scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p16scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p13scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p12scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-rc2-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-rc1-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-beta1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.4

Trust: 0.3

vendor:freebsdmodel:8.3-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p16scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.3

Trust: 0.3

vendor:freebsdmodel:8.2-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.2-release-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.2-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.2-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:release -p3scope:eqversion:8.2-

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.2

Trust: 0.3

vendor:freebsdmodel:8.1-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-release-p5scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.1

Trust: 0.3

vendor:freebsdmodel:8.0-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.0-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.0-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:-release-p5scope:eqversion:8.0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.0

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:avayamodel:session border controller for enterprisescope:eqversion:6.3.0

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:9.0

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:8.1

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:9.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:cmsscope:eqversion:17.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura conferencingscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:aura conferencingscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura collaboration environmentscope:eqversion:3.0

Trust: 0.3

vendor:avayamodel:aura collaboration environmentscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x4.1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x4.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x3.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

vendor:junipermodel:northstar controller application service packscope:neversion:2.1.01

Trust: 0.3

vendor:freebsdmodel:9.3-stablescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p10scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:8.4-stablescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p24scope:neversion: -

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x5.0.3

Trust: 0.3

sources: BID: 72673 // JVNDB: JVNDB-2015-001534 // CNNVD: CNNVD-201502-414 // NVD: CVE-2015-1349

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-1349
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-1349
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201502-414
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2015-1349
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2015-001534 // CNNVD: CNNVD-201502-414 // NVD: CVE-2015-1349

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.8

sources: JVNDB: JVNDB-2015-001534 // NVD: CVE-2015-1349

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 130758 // PACKETSTORM: 130558 // PACKETSTORM: 130446 // CNNVD: CNNVD-201502-414

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201502-414

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001534

PATCH
title:APPLE-SA-2015-09-16-4 OS X Server 5.0.3url:http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
Trust: 0.8
title:HT205219url:https://support.apple.com/en-us/HT205219
Trust: 0.8
title:HT205219url:http://support.apple.com/ja-jp/HT205219
Trust: 0.8
title:HPSBUX03379url:http://marc.info/?l=bugtraq&amp;m=143740940810833&amp;w=2
Trust: 0.8
title:CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crashurl:https://kb.isc.org/article/AA-01235/
Trust: 0.8
title:SB10116url:https://kc.mcafee.com/corporate/index?page=content&id=SB10116
Trust: 0.8
title:Bug 1193820url:https://bugzilla.redhat.com/show_bug.cgi?id=1193820
Trust: 0.8
title:RHSA-2015:0672url:https://rhn.redhat.com/errata/RHSA-2015-0672.html
Trust: 0.8
title:BIND9.9.7.x86url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54140
Trust: 0.6
title:bind-9.10.2url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54143
Trust: 0.6
title:BIND9.10.2.x86url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54142
Trust: 0.6
title:bind-9.9.7url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54141
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-001534 // 
            
            
            
            CNNVD: CNNVD-201502-414

EXTERNAL IDS
db:NVDid:CVE-2015-1349
Trust: 3.3
db:ISCid:AA-01235
Trust: 2.0
db:JUNIPERid:JSA10783
Trust: 1.3
db:MCAFEEid:SB10116
Trust: 1.0
db:JVNid:JVNVU99970459
Trust: 0.8
db:JVNid:JVNVU93982119
Trust: 0.8
db:JVNDBid:JVNDB-2015-001534
Trust: 0.8
db:CNNVDid:CNNVD-201502-414
Trust: 0.6
db:BIDid:72673
Trust: 0.3
db:PACKETSTORMid:130646
Trust: 0.1
db:PACKETSTORMid:130758
Trust: 0.1
db:PACKETSTORMid:131222
Trust: 0.1
db:PACKETSTORMid:133619
Trust: 0.1
db:PACKETSTORMid:130558
Trust: 0.1
db:PACKETSTORMid:130446
Trust: 0.1
sources:
            
            
            BID: 72673 // 
            
            
            
            PACKETSTORM: 130646 // 
            
            
            
            PACKETSTORM: 130758 // 
            
            
            
            PACKETSTORM: 131222 // 
            
            
            
            PACKETSTORM: 133619 // 
            
            
            
            PACKETSTORM: 130558 // 
            
            
            
            PACKETSTORM: 130446 // 
            
            
            
            JVNDB: JVNDB-2015-001534 // 
            
            
            
            CNNVD: CNNVD-201502-414 // 
            
            
            
            NVD: CVE-2015-1349

REFERENCES
url:http://advisories.mageia.org/mgasa-2015-0082.html
Trust: 2.0
url:https://kb.isc.org/article/aa-01235
Trust: 1.9
url:http://www.ubuntu.com/usn/usn-2503-1
Trust: 1.7
url:http://rhn.redhat.com/errata/rhsa-2015-0672.html
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1349
Trust: 1.0
url:https://kb.juniper.net/jsa10783
Trust: 1.0
url:http://lists.fedoraproject.org/pipermail/package-announce/2015-march/150905.html
Trust: 1.0
url:https://bugzilla.redhat.com/show_bug.cgi?id=1193820
Trust: 1.0
url:http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00013.html
Trust: 1.0
url:http://www.mandriva.com/security/advisories?name=mdvsa-2015:054
Trust: 1.0
url:http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html
Trust: 1.0
url:http://www.mandriva.com/security/advisories?name=mdvsa-2015:165
Trust: 1.0
url:http://lists.apple.com/archives/security-announce/2015/sep/msg00004.html
Trust: 1.0
url:https://support.apple.com/ht205219
Trust: 1.0
url:https://kc.mcafee.com/corporate/index?page=content&id=sb10116
Trust: 1.0
url:https://security.gentoo.org/glsa/201510-01
Trust: 1.0
url:http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html
Trust: 1.0
url:http://marc.info/?l=bugtraq&m=143740940810833&w=2
Trust: 1.0
url:http://lists.fedoraproject.org/pipermail/package-announce/2015-march/150904.html
Trust: 1.0
url:http://jprs.jp/tech/security/2015-02-19-bind9-vuln-managed-trust-anchors.html
Trust: 0.8
url:http://jvn.jp/vu/jvnvu93982119/
Trust: 0.8
url:http://jvn.jp/vu/jvnvu99970459/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1349
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2015-1349
Trust: 0.6
url:http://seclists.org/bugtraq/2015/feb/145
Trust: 0.3
url:http://www.isc.org/products/bind/
Trust: 0.3
url:http://seclists.org/bugtraq/2015/jul/96
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10783&cat=sirt_1&actp=list
Trust: 0.3
url:https://downloads.avaya.com/css/p8/documents/101009291
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1020682
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1022295
Trust: 0.3
url:http://seclists.org/bugtraq/2015/apr/158
Trust: 0.3
url:http://www.mandriva.com/en/support/security/
Trust: 0.2
url:http://www.mandriva.com/en/support/security/advisories/
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-8500
Trust: 0.2
url:https://www.redhat.com/mailman/listinfo/rhsa-announce
Trust: 0.1
url:https://bugzilla.redhat.com/):
Trust: 0.1
url:https://access.redhat.com/security/team/key/
Trust: 0.1
url:https://access.redhat.com/articles/11258
Trust: 0.1
url:https://access.redhat.com/security/updates/classification/#moderate
Trust: 0.1
url:https://access.redhat.com/security/cve/cve-2015-1349
Trust: 0.1
url:https://access.redhat.com/security/team/contact/
Trust: 0.1
url:http://advisories.mageia.org/mgasa-2014-0524.html
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8500
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-8109
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3185
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-3583
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-8161
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-0253
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-0242
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-0241
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-0243
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3183
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-3581
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-0228
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-5911
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3166
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3165
Trust: 0.1
url:http://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0067
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-5704
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3167
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-0244
Trust: 0.1
url:https://www.freebsd.org/handbook/makeworld.html>.
Trust: 0.1
url:https://security.freebsd.org/>.
Trust: 0.1
url:https://security.freebsd.org/advisories/freebsd-sa-15:05.bind.asc>
Trust: 0.1
url:https://security.freebsd.org/patches/sa-15:05/bind.patch.asc
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1349>
Trust: 0.1
url:https://security.freebsd.org/patches/sa-15:05/bind.patch
Trust: 0.1
url:https://svnweb.freebsd.org/base?view=revision&revision=nnnnnn>
Trust: 0.1
url:https://kb.isc.org/article/aa-01235>
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.10
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.2
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-4.3ubuntu0.2
Trust: 0.1
sources:
            
            
            BID: 72673 // 
            
            
            
            PACKETSTORM: 130646 // 
            
            
            
            PACKETSTORM: 130758 // 
            
            
            
            PACKETSTORM: 131222 // 
            
            
            
            PACKETSTORM: 133619 // 
            
            
            
            PACKETSTORM: 130558 // 
            
            
            
            PACKETSTORM: 130446 // 
            
            
            
            JVNDB: JVNDB-2015-001534 // 
            
            
            
            CNNVD: CNNVD-201502-414 // 
            
            
            
            NVD: CVE-2015-1349

CREDITS
Jan-Piet Mens
Trust: 0.3
sources:
            
            
            BID: 72673

SOURCES
db:BIDid:72673
db:PACKETSTORMid:130646
db:PACKETSTORMid:130758
db:PACKETSTORMid:131222
db:PACKETSTORMid:133619
db:PACKETSTORMid:130558
db:PACKETSTORMid:130446
db:JVNDBid:JVNDB-2015-001534
db:CNNVDid:CNNVD-201502-414
db:NVDid:CVE-2015-1349

LAST UPDATE DATE
2025-06-25T21:06:02.420000+00:00

SOURCES UPDATE DATE
db:BIDid:72673date:2017-04-18T01:05:00
db:JVNDBid:JVNDB-2015-001534date:2015-10-05T00:00:00
db:CNNVDid:CNNVD-201502-414date:2015-02-26T00:00:00
db:NVDid:CVE-2015-1349date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:BIDid:72673date:2015-02-18T00:00:00
db:PACKETSTORMid:130646date:2015-03-04T18:22:22
db:PACKETSTORMid:130758date:2015-03-11T16:04:19
db:PACKETSTORMid:131222date:2015-03-31T16:02:39
db:PACKETSTORMid:133619date:2015-09-19T15:37:27
db:PACKETSTORMid:130558date:2015-02-26T17:25:28
db:PACKETSTORMid:130446date:2015-02-18T22:42:55
db:JVNDBid:JVNDB-2015-001534date:2015-02-20T00:00:00
db:CNNVDid:CNNVD-201502-414date:2015-02-26T00:00:00
db:NVDid:CVE-2015-1349date:2015-02-19T03:01:22.287