Debian Security Advisory

bind -- Denial of service vulnerabilities in bind

Date Reported:

16 Nov 1999

Affected Packages:

bind

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-1999-0833, CVE-1999-0835, CVE-1999-0837, CVE-1999-0848, CVE-1999-0849, CVE-1999-0851.

More information:

The version of bind in Debian GNU/Linux 2.1 is vulnerable to several denial of service attacks, as outlined in CERT advisory CA-99.14. Note that the bind in Debian GNU/Linux 2.1 (bind 8.2.1) is not vulnerable to the NXT record root exploit, which takes advantage of a feature added to bind 8.2.

Fixed in:

Source:: http://security.debian.org/dists/slink/updates/source/bind_8.2.2p5-0slink1.dif; http://security.debian.org/dists/slink/updates/source/bind_8.2.2p5-0slink1.dsc; http://security.debian.org/dists/slink/updates/source/bind_8.2.2p5.orig.tar.gz
alpha:: http://security.debian.org/dists/slink/updates/binary-alpha/bind_8.2.2p5-0slink1_alpha.deb
i386:: http://security.debian.org/dists/slink/updates/binary-i386/bind_8.2.2p5-0slink1_i386.deb
m68k:: http://security.debian.org/dists/slink/updates/binary-m68k/bind_8.2.2p5-0slink1_m68k.deb
sparc:: http://security.debian.org/dists/slink/updates/binary-sparc/bind_8.2.2p5-0slink1_sparc.deb