FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2012-5166

This CVE name corresponds to:

Entered	Topic
2012-11-24	FreeBSD -- Multiple Denial of Service vulnerabilities with named(8)
2012-10-10	dns/bind9* -- crash on deliberately constructed combination of records

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2012-5166 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2012-5166
Phase	Assigned(20120926)

Description

ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.

References

Source	Reference
CONFIRM	https://kb.isc.org/article/AA-00801
CONFIRM	http://www.isc.org/software/bind/advisories/cve-2012-5166
CONFIRM	http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
CONFIRM	https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of
CONFIRM	http://support.apple.com/kb/HT5880
CONFIRM	http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc
AIXAPAR	IV30364
AIXAPAR	IV30365
AIXAPAR	IV30366
AIXAPAR	IV30367
AIXAPAR	IV30368
AIXAPAR	IV30247
AIXAPAR	IV30185
APPLE	APPLE-SA-2013-09-12-1
DEBIAN	DSA-2560
FEDORA	FEDORA-2012-15981
FEDORA	FEDORA-2012-16022
FEDORA	FEDORA-2012-15965
MANDRIVA	MDVSA-2012:162
REDHAT	RHSA-2012:1364
REDHAT	RHSA-2012:1365
REDHAT	RHSA-2012:1363
SLACKWARE	SSA:2012-341-01
SUSE	SUSE-SU-2012:1390
SUSE	openSUSE-SU-2012:1372
BID	55852
OSVDB	86118
OVAL	oval:org.mitre.oval:def:19706
SECUNIA	50903
SECUNIA	50909
SECUNIA	50956
SECUNIA	51054
SECUNIA	51096
SECUNIA	51078
SECUNIA	51106
SECUNIA	51178