Ubuntu update for Bind



Published: 2015-07-28 | Updated: 2023-05-07
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2009-0696
CWE-ID CWE-617
Exploitation vector Network
Public exploit This vulnerability is being exploited in the wild.
Vulnerable software
Subscribe 		ISC BIND
Server applications / DNS servers

Vendor ISC

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Assertion failure

EUVDB-ID: #VU6168

Risk: High

CVSSv3.1: 7.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2009-0696

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to assertion failure in dns_db_findrdataset() function within db.c when named is configured as a master server. A remote unauthenticated attacker can send an ANY record in the prerequisite section of a crafted dynamic update message and trigger assertion failure and daemon exit.

Successful exploitation of this vulnerability may allow an attacker to perform denial of service (DoS) attack.

Note: this vulnerability is being actively exploited.

Mitigation

Update the affected packages

Ubuntu 9.04:
bind9 1:9.5.1.dfsg.P2-1ubuntu0.1
Ubuntu 8.10:
bind9 1:9.5.0.dfsg.P2-1ubuntu3.2
Ubuntu 8.04 LTS:
bind9 1:9.4.2.dfsg.P2-2ubuntu0.2
Ubuntu 6.06 LTS:
bind9 1:9.3.2-2ubuntu1.7

Vulnerable software versions

ISC BIND: 9.4 - 9.6.1

External links

http://www.ubuntu.com/usn/usn-808-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.



###SIDEBAR###