CVE-2012-4244

Priority
Medium
Description
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3,
and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to
cause a denial of service (assertion failure and named daemon exit) via a
query for a long resource record.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244
https://kb.isc.org/article/AA-00778/74
https://bugzilla.redhat.com/show_bug.cgi?id=856754
http://www.ubuntu.com/usn/usn-1566-1
Bugs
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1050211
Assigned-to
mdeslaur
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1:9.4.2.dfsg.P2-2ubuntu0.11)
Ubuntu 10.04 LTS (Lucid Lynx):released (1:9.7.0.dfsg.P1-1ubuntu0.7)
Ubuntu 11.04 (Natty Narwhal):released (1:9.7.3.dfsg-1ubuntu2.6)
Ubuntu 11.10 (Oneiric Ocelot):released (1:9.7.3.dfsg-1ubuntu4.4)
Ubuntu 12.04 LTS (Precise Pangolin):released (1:9.8.1.dfsg.P1-4ubuntu0.3)
Ubuntu 12.10 (Quantal Quetzal):released (1:9.8.1.dfsg.P1-4.2ubuntu2)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-09-21 11:14:37 UTC (commit 5790)