CVE-2007-0494
First published: Thu Jan 25 2007(Updated: )
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISC BIND | =9.2.0-rc7 | |
| ISC BIND | =9.1.1-rc6 | |
| ISC BIND | =9.3.1-rc1 | |
| ISC BIND | =9.1.1 | |
| ISC BIND | =9.2.3-rc2 | |
| ISC BIND | =9.1.3 | |
| ISC BIND | =9.1.1-rc1 | |
| ISC BIND | =9.1.3-rc3 | |
| ISC BIND | =9.4.0-b2 | |
| ISC BIND | =9.2.0-b2 | |
| ISC BIND | =9.3.2-rc1 | |
| ISC BIND | =9.2.0-a3 | |
| ISC BIND | =9.2.3-rc4 | |
| ISC BIND | =9.2 | |
| ISC BIND | =9.3.0-rc4 | |
| ISC BIND | =9.2.4-rc8 | |
| ISC BIND | =9.2.1-rc1 | |
| ISC BIND | =9.3.0-rc2 | |
| ISC BIND | =9.0.0-rc2 | |
| ISC BIND | =9.4.0-a4 | |
| ISC BIND | =9.3 | |
| ISC BIND | =9.3.0-b2 | |
| ISC BIND | =9.1.0-rc1 | |
| ISC BIND | =9.0.0-rc1 | |
| ISC BIND | =9.2.5 | |
| ISC BIND | =9.3.2 | |
| ISC BIND | =9.1.1-rc5 | |
| ISC BIND | =9.2.3-rc3 | |
| ISC BIND | =9.2.0-rc2 | |
| ISC BIND | =9.2.5-b2 | |
| ISC BIND | =9.2.2 | |
| ISC BIND | =9.2.0-rc9 | |
| ISC BIND | =9.4.0-a3 | |
| ISC BIND | =9.5.0-a1 | |
| ISC BIND | =9.0.0-rc3 | |
| ISC BIND | =9.2.2-p2 | |
| ISC BIND | =9.2.4-rc6 | |
| ISC BIND | =9.3.0 | |
| ISC BIND | =9.3.0-b3 | |
| ISC BIND | =9.2.4-rc7 | |
| ISC BIND | =9.1.3-rc2 | |
| ISC BIND | =9.2.4 | |
| ISC BIND | =9.2.5-rc1 | |
| ISC BIND | =9.2.1 | |
| ISC BIND | =9.1.2 | |
| ISC BIND | =9.1.1-rc4 | |
| ISC BIND | =9.4.0-a2 | |
| ISC BIND | =9.3.1 | |
| ISC BIND | =9.2.0-rc4 | |
| ISC BIND | =9.1.1-rc3 | |
| ISC BIND | =9.1 | |
| ISC BIND | =9.2.1-rc2 | |
| ISC BIND | =9.4.0-b3 | |
| ISC BIND | =9.2.4-rc2 | |
| ISC BIND | =9.2.2-p3 | |
| ISC BIND | =9.1.3-rc1 | |
| ISC BIND | =9.2.2-rc1 | |
| ISC BIND | =9.2.0-rc3 | |
| ISC BIND | =9.2.0-rc8 | |
| ISC BIND | =9.0.1-rc2 | |
| ISC BIND | =9.2.4-rc3 | |
| ISC BIND | =9.0.0-rc6 | |
| ISC BIND | =9.4.0-a1 | |
| ISC BIND | =9.2.0-rc5 | |
| ISC BIND | =9.3.0-rc1 | |
| ISC BIND | =9.4.0-a5 | |
| ISC BIND | =9.3.0-b4 | |
| ISC BIND | =9.4.0-rc1 | |
| ISC BIND | =9.3.0-rc3 | |
| ISC BIND | =9.2.3 | |
| ISC BIND | =9.2.0-rc6 | |
| ISC BIND | =9.2.0-rc10 | |
| ISC BIND | =9.2.0 | |
| ISC BIND | =9.0.1 | |
| ISC BIND | =9.2.0-a2 | |
| ISC BIND | =9.1.1-rc2 | |
| ISC BIND | =9.4.0-b1 | |
| ISC BIND | =9.1.2-rc1 | |
| ISC BIND | =9.2.4-rc4 | |
| ISC BIND | =9.0.0-rc4 | |
| ISC BIND | =9.0 | |
| ISC BIND | =9.2.3-rc1 | |
| ISC BIND | =9.2.0-b1 | |
| ISC BIND | =9.2.4-rc5 | |
| ISC BIND | =9.2.0-rc1 | |
| ISC BIND | =9.0.0-rc5 | |
| ISC BIND | =9.2.6-rc1 | |
| ISC BIND | =9.0.1-rc1 | |
| ISC BIND | =9.3.1-b2 | |
| ISC BIND | =9.1.1-rc7 | |
| ISC BIND | =9.2.6 | |
| ISC BIND | =9.2.0-a1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8
- http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4
- http://secunia.com/advisories/23904
- http://www.isc.org/index.pl?/sw/bind/bind-security.php
- https://issues.rpath.com/browse/RPL-989
- http://www.debian.org/security/2007/dsa-1254
- http://fedoranews.org/cms/node/2507
- http://fedoranews.org/cms/node/2537
- http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc
- http://security.gentoo.org/glsa/glsa-200702-06.xml
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html
- http://www.redhat.com/support/errata/RHSA-2007-0044.html
- http://www.redhat.com/support/errata/RHSA-2007-0057.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html
- http://www.trustix.org/errata/2007/0005
- http://www.ubuntu.com/usn/usn-418-1
- http://www.securityfocus.com/bid/22231
- http://securitytracker.com/id?1017573
- http://secunia.com/advisories/23972
- http://secunia.com/advisories/23924
- http://secunia.com/advisories/23944
- http://secunia.com/advisories/23943
- http://secunia.com/advisories/23974
- http://secunia.com/advisories/23977
- http://secunia.com/advisories/24054
- http://secunia.com/advisories/24014
- http://secunia.com/advisories/24083
- http://secunia.com/advisories/24048
- http://secunia.com/advisories/24129
- http://secunia.com/advisories/24203
- http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm
- http://secunia.com/advisories/24648
- http://secunia.com/advisories/24950
- http://secunia.com/advisories/24930
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
- http://docs.info.apple.com/article.html?artnum=305530
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY95618
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY95619
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY96144
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY96324
- http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:030
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1
- http://secunia.com/advisories/25402
- http://secunia.com/advisories/25649
- http://secunia.com/advisories/25715
- http://secunia.com/advisories/24284
- http://secunia.com/advisories/25482
- http://secunia.com/advisories/26909
- http://secunia.com/advisories/27706
- http://www.vupen.com/english/advisories/2007/2315
- http://www.vupen.com/english/advisories/2007/2163
- http://www.vupen.com/english/advisories/2007/1939
- http://www.vupen.com/english/advisories/2007/3229
- http://www.vupen.com/english/advisories/2007/1401
- http://www.vupen.com/english/advisories/2007/2245
- https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
- http://www.vupen.com/english/advisories/2007/2002
- http://marc.info/?l=bind-announce&m=116968519300764&w=2
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31838
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11523
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/isc
- canonical/isc bind
- version/isc bind/9.2.0-rc7
- version/isc bind/9.1.1-rc6
- version/isc bind/9.3.1-rc1
- version/isc bind/9.1.1
- version/isc bind/9.2.3-rc2
- version/isc bind/9.1.3
- version/isc bind/9.1.1-rc1
- version/isc bind/9.1.3-rc3
- version/isc bind/9.4.0-b2
- version/isc bind/9.2.0-b2
- version/isc bind/9.3.2-rc1
- version/isc bind/9.2.0-a3
- version/isc bind/9.2.3-rc4
- version/isc bind/9.2
- version/isc bind/9.3.0-rc4
- version/isc bind/9.2.4-rc8
- version/isc bind/9.2.1-rc1
- version/isc bind/9.3.0-rc2
- version/isc bind/9.0.0-rc2
- version/isc bind/9.4.0-a4
- version/isc bind/9.3
- version/isc bind/9.3.0-b2
- version/isc bind/9.1.0-rc1
- version/isc bind/9.0.0-rc1
- version/isc bind/9.2.5
- version/isc bind/9.3.2
- version/isc bind/9.1.1-rc5
- version/isc bind/9.2.3-rc3
- version/isc bind/9.2.0-rc2
- version/isc bind/9.2.5-b2
- version/isc bind/9.2.2
- version/isc bind/9.2.0-rc9
- version/isc bind/9.4.0-a3
- version/isc bind/9.5.0-a1
- version/isc bind/9.0.0-rc3
- version/isc bind/9.2.2-p2
- version/isc bind/9.2.4-rc6
- version/isc bind/9.3.0
- version/isc bind/9.3.0-b3
- version/isc bind/9.2.4-rc7
- version/isc bind/9.1.3-rc2
- version/isc bind/9.2.4
- version/isc bind/9.2.5-rc1
- version/isc bind/9.2.1
- version/isc bind/9.1.2
- version/isc bind/9.1.1-rc4
- version/isc bind/9.4.0-a2
- version/isc bind/9.3.1
- version/isc bind/9.2.0-rc4
- version/isc bind/9.1.1-rc3
- version/isc bind/9.1
- version/isc bind/9.2.1-rc2
- version/isc bind/9.4.0-b3
- version/isc bind/9.2.4-rc2
- version/isc bind/9.2.2-p3
- version/isc bind/9.1.3-rc1
- version/isc bind/9.2.2-rc1
- version/isc bind/9.2.0-rc3
- version/isc bind/9.2.0-rc8
- version/isc bind/9.0.1-rc2
- version/isc bind/9.2.4-rc3
- version/isc bind/9.0.0-rc6
- version/isc bind/9.4.0-a1
- version/isc bind/9.2.0-rc5
- version/isc bind/9.3.0-rc1
- version/isc bind/9.4.0-a5
- version/isc bind/9.3.0-b4
- version/isc bind/9.4.0-rc1
- version/isc bind/9.3.0-rc3
- version/isc bind/9.2.3
- version/isc bind/9.2.0-rc6
- version/isc bind/9.2.0-rc10
- version/isc bind/9.2.0
- version/isc bind/9.0.1
- version/isc bind/9.2.0-a2
- version/isc bind/9.1.1-rc2
- version/isc bind/9.4.0-b1
- version/isc bind/9.1.2-rc1
- version/isc bind/9.2.4-rc4
- version/isc bind/9.0.0-rc4
- version/isc bind/9.0
- version/isc bind/9.2.3-rc1
- version/isc bind/9.2.0-b1
- version/isc bind/9.2.4-rc5
- version/isc bind/9.2.0-rc1
- version/isc bind/9.0.0-rc5
- version/isc bind/9.2.6-rc1
- version/isc bind/9.0.1-rc1
- version/isc bind/9.3.1-b2
- version/isc bind/9.1.1-rc7
- version/isc bind/9.2.6
- version/isc bind/9.2.0-a1