Upstream information

CVE-2011-1907 at MITRE

Description

ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.96
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 692210 [RESOLVED / INVALID]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE Evergreen 11.4
  • bind >= 9.9.2P2-45.1
  • bind-chrootenv >= 9.9.2P2-45.1
  • bind-debuginfo >= 9.9.2P2-45.1
  • bind-debugsource >= 9.9.2P2-45.1
  • bind-devel >= 9.9.2P2-45.1
  • bind-doc >= 9.9.2P2-45.1
  • bind-libs >= 9.9.2P2-45.1
  • bind-libs-32bit >= 9.9.2P2-45.1
  • bind-libs-debuginfo >= 9.9.2P2-45.1
  • bind-libs-debuginfo-32bit >= 9.9.2P2-45.1
  • bind-libs-debuginfo-x86 >= 9.9.2P2-45.1
  • bind-libs-x86 >= 9.9.2P2-45.1
  • bind-lwresd >= 9.9.2P2-45.1
  • bind-lwresd-debuginfo >= 9.9.2P2-45.1
  • bind-utils >= 9.9.2P2-45.1
  • bind-utils-debuginfo >= 9.9.2P2-45.1
Patchnames:
2013-67