Your submission was sent successfully! Close

USN-1783-1: Bind vulnerability

29 March 2013

Bind could be made to consume memory or crash if it received specially crafted network traffic.

Releases

Packages

  • bind9 - Internet Domain Name Server

Details

Matthew Horsfall discovered that Bind incorrectly handled regular
expression checking. A remote attacker could use this flaw to cause Bind to
consume an excessive amount of memory, possibly resulting in a denial of
service. This issue was corrected by disabling RDATA regular expression
syntax checking.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10
Ubuntu 12.04
Ubuntu 11.10
Ubuntu 10.04

In general, a standard system update will make all the necessary changes.

References