Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHSA-2016:0458-01

Overview

Id RHSA-2016:0458-01
Name Red Hat 2016:0458-01 RHSA Important: bind97 security update for RHEL 5 x86_64
Vendor Name red_hat
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 16 Mar 2016 12:00:00

RHSA-2016:0458-01

Red Hat 2016:0458-01 RHSA Important: bind97 security update for RHEL 5 x86_64

Vendor Name

red_hat

Product

None

Released On

16 Mar 2016 12:00:00

Url

https://rhn.redhat.com/errata/RHSA-2016-0458.html

Description

LSAC(v2)
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash. (CVE-2016-1286) A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash. (CVE-2016-1285) Red Hat would like to thank ISC for reporting these issues. All bind97 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches


Last Updated: 27 May 2016 11:23:17