Debian Security Advisory
bind -- remote Denial of Service
- Date Reported:
- 12 Nov 2000
- Affected Packages:
-
bind
bind-dev
dnsutils - Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2000-0887, CVE-2000-0888.
- More information:
-
The version of BIND shipped with Debian GNU/Linux 2.2 is vulnerable to
a remote denial of service attack, which can cause the nameserver to crash
after accessing an uninitialized pointer. This problem is fixed in the current
maintenance release of BIND, 8.2.2P7, and in the Debian package version
8.2.2p7-1 for both stable and unstable releases.
We recommend that all users of BIND upgrade immediately.
- Fixed in:
-
Debian GNU/Linux 2.2 (potato)
- Source:
- http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7-1.diff.gz
- http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7-1.dsc
- http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7.orig.tar.gz
- http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7-1.dsc
- Alpha:
- http://security.debian.org/dists/potato/updates/main/binary-alpha/bind_8.2.2p7-1_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/bind-dev_8.2.2p7-1_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/dnsutils_8.2.2p7-1_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/bind-dev_8.2.2p7-1_alpha.deb
- ARM:
- http://security.debian.org/dists/potato/updates/main/binary-arm/bind_8.2.2p7-1_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/bind-dev_8.2.2p7-1_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/dnsutils_8.2.2p7-1_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/bind-dev_8.2.2p7-1_arm.deb
- Intel IA-32:
- http://security.debian.org/dists/potato/updates/main/binary-i386/bind_8.2.2p7-1_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/bind-dev_8.2.2p7-1_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/dnsutils_8.2.2p7-1_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/bind-dev_8.2.2p7-1_i386.deb
- Motorola 680x0:
- http://security.debian.org/dists/potato/updates/main/binary-m68k/bind_8.2.2p7-1_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/bind-dev_8.2.2p7-1_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/dnsutils_8.2.2p7-1_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/bind-dev_8.2.2p7-1_m68k.deb
- PowerPC:
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/bind_8.2.2p7-1_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/bind-dev_8.2.2p7-1_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/dnsutils_8.2.2p7-1_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/bind-dev_8.2.2p7-1_powerpc.deb
- Sun SPARC:
- http://security.debian.org/dists/potato/updates/main/binary-sparc/bind_8.2.2p7-1_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/bind-dev_8.2.2p7-1_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/dnsutils_8.2.2p7-1_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/bind-dev_8.2.2p7-1_sparc.deb