diff options
| author | Doug Barton <dougb@FreeBSD.org> | 2011-07-05 23:39:46 +0000 |
|---|---|---|
| committer | Doug Barton <dougb@FreeBSD.org> | 2011-07-05 23:39:46 +0000 |
| commit | 1426f1a2bd9156f3f9583f60b530974762ef58b4 (patch) | |
| tree | c052141d8c3b80f538145b6f0a470114d4059f9b /security | |
| parent | 2e27a6ad54ea461eba95d52f2325b02ef1fde5cd (diff) | |
| download | ports-1426f1a2bd9156f3f9583f60b530974762ef58b4.tar.gz ports-1426f1a2bd9156f3f9583f60b530974762ef58b4.zip | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7e56a550b37c..4b2f8abfb706 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,72 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + + <vuln vid="fd64188d-a71d-11e0-89b4-001ec9578670"> + <topic>BIND -- Remote DoS against authoritative and recursive servers</topic> + <affects> + <package> + <name>bind96</name> + <range><lt>9.6.3.1.ESV.R4.3</lt></range> + </package> + <package> + <name>bind97</name> + <range><lt>9.7.3.3</lt></range> + </package> + <package> + <name>bind98</name> + <range><lt>9.8.0.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>ISC reports:</p> + <blockquote cite="https://www.isc.org/software/bind/advisories/cve-2011-2464"> + <p>A defect in the affected BIND 9 versions allows an attacker to remotely + cause the "named" process to exit using a specially crafted packet.</p> + <p>This defect affects both recursive and authoritative servers.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2011-2464</cvename> + <url>https://www.isc.org/software/bind/advisories/cve-2011-2464</url> + </references> + <dates> + <discovery>2011-07-05</discovery> + <entry>2011-07-05</entry> + </dates> + </vuln> + + <vuln vid="4ccee784-a721-11e0-89b4-001ec9578670"> + <topic>BIND -- Remote DoS with certain RPZ configurations</topic> + <affects> + <package> + <name>bind98</name> + <range><lt>9.8.0.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>ISC reports:</p> + <blockquote cite="https://www.isc.org/software/bind/advisories/cve-2011-2465"> + <p>Two defects were discovered in ISC's BIND 9.8 code. These defects only affect BIND 9.8 + servers which have recursion enabled and which use a specific feature of the software + known as Response Policy Zones (RPZ) and where the RPZ zone contains a specific + rule/action pattern.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2011-2465</cvename> + <url>https://www.isc.org/software/bind/advisories/cve-2011-2465</url> + </references> + <dates> + <discovery>2011-07-05</discovery> + <entry>2011-07-05</entry> + </dates> + </vuln> + <vuln vid="7e4e5c53-a56c-11e0-b180-00216aa06fc2"> <topic>phpmyadmin -- multiple vulnerabilities</topic> <affects> |