Upstream information

CVE-2007-0493 at MITRE

Description

Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.8
Vector AV:N/AC:L/Au:N/C:N/I:N/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
SUSE Bugzilla entry: 238634 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • bind >= 9.3.2-56.1
  • bind-devel >= 9.3.2-56.1
  • bind-doc >= 9.3.2-56.1
  • bind-libs >= 9.3.2-56.1
  • bind-libs-32bit >= 9.3.2-56.1
  • bind-libs-64bit >= 9.3.2-56.1
  • bind-lwresd >= 9.3.2-56.1
  • bind-utils >= 9.3.2-56.1
  • nss_lwres >= 0.93-6.2
SUSE LINUX 9.3
  • bind >= 9.3.2-56.1
  • bind-devel >= 9.3.2-56.1
  • bind-doc >= 9.3.2-56.1
  • bind-libs >= 9.3.2-56.1
  • bind-libs-32bit >= 9.3-7.4
  • bind-lwresd >= 9.3.2-56.1
  • bind-utils >= 9.3.2-56.1
  • nss_lwres >= 0.93-5.3
SUSE LINUX Retail Solution 8
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • bind9 >= 9.2.2-101
slrs8.x86
ul1.s390
YOU Patch Nr: 11411
SUSE LINUX 10.0
  • bind >= 9.3.2-56.1
  • bind-libs >= 9.3.2-56.1
  • bind-libs-32bit >= 9.3.2-56.1
  • bind-libs-64bit >= 9.3.2-56.1
  • bind-utils >= 9.3.2-56.1
SUSE LINUX 10.1
  • bind >= 9.3.2-17.15
  • bind-libs >= 9.3.2-17.15
  • bind-libs-32bit >= 9.3.2-17.15
  • bind-libs-64bit >= 9.3.2-17.15
  • bind-utils >= 9.3.2-17.15
SUSE LINUX 9.3
  • bind >= 9.3.2-56.1
  • bind-libs >= 9.3.2-56.1
  • bind-libs-32bit >= 9.3-0.1
  • bind-utils >= 9.3.2-56.1