Topic: BIND 9 ciritical vulnerability - CVE-2015-5477 (Read 48276 times)

katrinateuserv · « **on:** July 30, 2015, 05:07:25 PM »

Hello,

we like to inform you about a critical vulnerability in the ISC Bind 9 Nameserver. The assigned CVE-ID is CVE-2015-5477.

If you use Bind 9, please check for updates and apply it as soon as possible to mitigate this vulnerability.

The patched versions regarding ISC are 9.9.7-P2 and 9.10.2-P3.

Distribution specific links
CentOS 6: https://www.centos.org/forums/viewtopic.php?f=17&t=53532
Redhat: https://access.redhat.com/security/cve/CVE-2015-5477
SuSE: https://www.suse.com/security/cve/CVE-2015-5477.html
Debian: https://security-tracker.debian.org/tracker/CVE-2015-5477
Ubuntu: http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5477.html
Arch: https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html
FreeBSD: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:17.bind.asc

* affected platforms, as known to date
F5 Networks BIG-IP Protocol Security Module (PSM) >= 10.1.0
F5 Networks BIG-IP Protocol Security Module (PSM) <= 10.2.4
F5 Networks BIG-IP Protocol Security Module (PSM) >= 11.0.0
F5 Networks BIG-IP Protocol Security Module (PSM) <= 11.4.1
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
Canonical Ubuntu Linux 12.04 Lts
Canonical Ubuntu Linux 14.04 Lts
Canonical Ubuntu Linux 15.04
Debian Linux 7.8 Wheezy
Debian Linux 8.1 Jessie
FreeBSD <= 8.4-RELEASE-p34
FreeBSD 8.4-STABLE
FreeBSD <= 9.3-RELEASE-p20
FreeBSD 9.3-STABLE
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 11 SP2 LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 VMware
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
Red Hat Enterprise Linux Desktop 5 Client
Red Hat Enterprise Linux Desktop 5 Workstation/Client
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 7
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux HPC Node 7
Red Hat Enterprise Linux Server 5
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Workstation 7

* More information directly at:
https://kb.isc.org/article/AA-01272/0/CVE-2015-5477

kind regards,
Ronny

Author Topic: BIND 9 ciritical vulnerability - CVE-2015-5477 (Read 48276 times)

katrinateuserv

BIND 9 ciritical vulnerability - CVE-2015-5477