oss-sec mailing list archives

Re: debian bug report on bind9 DoS


From: Vincent Danen <vdanen () redhat com>
Date: Tue, 28 Jul 2009 14:14:55 -0600

* [2009-07-28 22:09:20 +0200] Thijs Kinkhorst wrote:

On tiisdei 28 July 2009, Vincent Danen wrote:
There's a bind 9 DoS reported in Debian's BTS [1] that provides a
reproducer and some interesting info on a bind9 crash.

This probably requires a CVE name.

CERT-CC have assigned CVE-2009-0696 to this.
See: http://www.kb.cert.org/vuls/id/725188

Thanks for that.  I also just noticed the CERT VU with the new releases.
The new releases only fix this issue from the looks of things (at least
for 9.4.3-P3 which is what I looked at).

--
Vincent Danen / Red Hat Security Response Team

Current thread: