FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351541
Date:      2014-04-18
Time:      14:56:43Z
Committer: ohauer

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1e1421f0-8d6f-11e0-89b4-001ec9578670BIND -- Large RRSIG RRsets and Negative Caching DoS

ISC reports:

A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash.


Discovery 2011-05-26
Entry 2011-06-04
bind9-sdb-ldap
bind9-sdb-postgresql
lt 9.4.3.4

bind96
lt 9.6.3.1.ESV.R4.1

bind97
lt 9.7.3.1

bind98
lt 9.8.0.2

CVE-2011-1910
SA-11:02.bind
http://www.isc.org/software/bind/advisories/cve-2011-1910
1e1421f0-8d6f-11e0-89b4-001ec9578670BIND -- Large RRSIG RRsets and Negative Caching DoS

ISC reports:

A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash.


Discovery 2011-05-26
Entry 2011-06-04
bind9-sdb-ldap
bind9-sdb-postgresql
lt 9.4.3.4

bind96
lt 9.6.3.1.ESV.R4.1

bind97
lt 9.7.3.1

bind98
lt 9.8.0.2

CVE-2011-1910
SA-11:02.bind
http://www.isc.org/software/bind/advisories/cve-2011-1910
83725c91-7c7e-11de-9672-00e0815b8da8BIND -- Dynamic update message remote DoS

Problem Description:

When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit.

To trigger the problem, the dynamic update message must contains a record of type "ANY" and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server.

Impact:

An attacker which can send DNS requests to a nameserver can cause it to exit, thus creating a Denial of Service situation.

Workaround:

No generally applicable workaround is available, but some firewalls may be able to prevent nsupdate DNS packets from reaching the nameserver.

NOTE WELL: Merely configuring named(8) to ignore dynamic updates is NOT sufficient to protect it from this vulnerability.


Discovery 2009-07-28
Entry 2009-08-01
Modified 2009-08-04
bind9
lt 9.3.6.1.1

bind9-sdb-postgresql
bind9-sdb-ldap
lt 9.4.3.3

CVE-2009-0696
SA-09:12.bind
http://www.kb.cert.org/vuls/id/725188
https://www.isc.org/node/474
83725c91-7c7e-11de-9672-00e0815b8da8BIND -- Dynamic update message remote DoS

Problem Description:

When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit.

To trigger the problem, the dynamic update message must contains a record of type "ANY" and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server.

Impact:

An attacker which can send DNS requests to a nameserver can cause it to exit, thus creating a Denial of Service situation.

Workaround:

No generally applicable workaround is available, but some firewalls may be able to prevent nsupdate DNS packets from reaching the nameserver.

NOTE WELL: Merely configuring named(8) to ignore dynamic updates is NOT sufficient to protect it from this vulnerability.


Discovery 2009-07-28
Entry 2009-08-01
Modified 2009-08-04
bind9
lt 9.3.6.1.1

bind9-sdb-postgresql
bind9-sdb-ldap
lt 9.4.3.3

CVE-2009-0696
SA-09:12.bind
http://www.kb.cert.org/vuls/id/725188
https://www.isc.org/node/474