-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2012-0090 

 

Title: Denial of Service vulnerability in ISC BIND [1] 

 

Version history: 

02.08.2012 Initial publication 

 

Summary and Potential impact 

============================ 

 

CVE-2012-3817 

CVSS v2 Base Score:7.8 (HIGH) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [2,3] 

Some versions of ISC BIND 9, when DNSSEC validation is enabled, do not properly initialize the failing-
query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon 
exit) by sending many queries. 

 

Vulnerable Systems 

================== 

ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 
9.6-ESV before 9.6-ESV-R7-P2 

 

What can you do? 

================ 

Updates are available [4] 

 

Please refer to the vendor or maintainer of your Software to get the exact information about updates. 

 

What to tell your users? 

======================== 

N/A 

 

More information 

================ 

[1] http://security-tracker.debian.org/tracker/CVE-2012-3817 

[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3817 

[3] More information about CVSS is available at: http://www.first.org/cvss/cvss-guide.html 

[4] http://www.isc.org/software/bind 

 

 

Best regards, 

 

CERT-EU Pre-configuration Team (http://cert.europa.eu) 

Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu 

PGP KeyID 0x46AC4383 

FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 

Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJQGlkjAAoJEPpzpNLI8SVo4dAQAIWiOOneg53kM7G6jErQ1pmG
W0f2zhkMaa67jQO+JtjDPFAYFCGbzPqPms3XRnCiFJ3HoAfABnTul2fILa6tqkFB
BLOsRb6Wddp1wewwVmQPsFnTLp8k4CMEnE0GjtAvXCsXRqozg0Bs/JcvWqYDa0zz
AE+xRODdXEhYvy3QT5HNyJIE/B+zqlHj0e+85l02ZNTal4KCphhdpjoHCb4dqmBD
Md+l61Id7oyYPFxErbwd5vssIr31meaO2sP1+IdNWeBu2aU5ITjIAD5SlTdYTG/K
jbPPllm41PQ4kutug0gRe3yfAacZWfKK3QkUF3xoYmoEp5VDFOfu3pFS01wSabXn
gqjILBkG99oZisEcc0I9D0rNtkIrPs04OOnYUozOWlTkJjYmgolHKG+3dkl42eaC
hXrMgO5Frml/uCG0p4ZQXi1aBiSDbVok0C9XbYTKydqMxxTPRUohB6FzlyTGJ2Ku
DImaATsGd+7IbjkKC7mUmOvWyDhIYll+vBDf5/UR9ieUeUKka+mOWUTh3IBuADiw
STjlu+rIvJyEpIq5EAp6ZX6Y3Hr0vkXtkKjBG7tCs3plKUSgieq3s3w9NALGxcur
6s0J6Msk+DPz3dhXVWMyITkKoWJ122dhetb07/deprPHjud8BcWlIQij8z83Gbug
djw/rq+xRIJiibCpjLzV
=V6Cm
-----END PGP SIGNATURE-----