Users of Bind please be advised of a denial of service vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
It was discovered that Bind would incorrectly allow a ncache entry and a
rrsig for the same type. A remote attacker could exploit this to cause
Bind to crash, resulting in a denial of service. (CVE-2010-3613)
It was discovered that Bind would incorrectly mark zone data as insecure
when the zone is undergoing a key algorithm rollover. (CVE-2010-3614)
See this Amp at http://bit.ly/hruLHb
No comments:
Post a Comment