Alert GCSA-22033 - Vulnerabilita' in ISC BIND
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-22033
Data: 17 marzo 2022
Titolo: Vulnerabilita' in ISC BIND
******************************************************************
:: Descrizione del problema
L'Internet Systems Consortium (ISC) ha rilasciato degli aggiornamenti
che risolvono alcune vulnerabilita' presenti nel server DNS BIND.
Tali vulnerabilita' potrebbero essere sfruttate da un attaccante remoto
per provocare condizioni di Denial of Service.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
BIND 9.11.0 to 9.11.36
BIND 9.12.0 to 9.16.26
BIND 9.17.0 to 9.18.0
BIND Supported Preview Edition 9.11.4-S1 to 9.11.36-S1
BIND Supported Preview Edition 9.16.8-S1 to 9.16.26-S1
:: Impatto
Denial of Service (DoS)
:: Soluzioni
Aggiornare BIND alle ultime versioni
BIND 9.11.37
BIND 9.16.27
BIND 9.18.1
BIND 9.11.37-S1
BIND 9.16.27-S1
https://www.isc.org/download/
:: Riferimenti
ISC BIND Security Advisory
https://kb.isc.org/docs/cve-2021-25220
https://kb.isc.org/docs/cve-2022-0396
https://kb.isc.org/docs/cve-2022-0635
https://kb.isc.org/docs/cve-2022-0667
BIND 9 Security Vulnerability Matrix
https://kb.isc.org/docs/aa-00913
Original Bulletin
https://lists.isc.org/pipermail/bind-announce/2022-March/001216.html
https://lists.isc.org/pipermail/bind-announce/2022-March/
Mitre's CVE ID
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYjM7gAAKCRDBnEyTZRJg
QtBbAJ9O7En9m3M7l9ba4vxse7MoTbHs9QCfYwvvOooWx84hcZw00I9DaU/FjvY=
=YiMJ
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-22033
Data: 17 marzo 2022
Titolo: Vulnerabilita' in ISC BIND
******************************************************************
:: Descrizione del problema
L'Internet Systems Consortium (ISC) ha rilasciato degli aggiornamenti
che risolvono alcune vulnerabilita' presenti nel server DNS BIND.
Tali vulnerabilita' potrebbero essere sfruttate da un attaccante remoto
per provocare condizioni di Denial of Service.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
BIND 9.11.0 to 9.11.36
BIND 9.12.0 to 9.16.26
BIND 9.17.0 to 9.18.0
BIND Supported Preview Edition 9.11.4-S1 to 9.11.36-S1
BIND Supported Preview Edition 9.16.8-S1 to 9.16.26-S1
:: Impatto
Denial of Service (DoS)
:: Soluzioni
Aggiornare BIND alle ultime versioni
BIND 9.11.37
BIND 9.16.27
BIND 9.18.1
BIND 9.11.37-S1
BIND 9.16.27-S1
https://www.isc.org/download/
:: Riferimenti
ISC BIND Security Advisory
https://kb.isc.org/docs/cve-2021-25220
https://kb.isc.org/docs/cve-2022-0396
https://kb.isc.org/docs/cve-2022-0635
https://kb.isc.org/docs/cve-2022-0667
BIND 9 Security Vulnerability Matrix
https://kb.isc.org/docs/aa-00913
Original Bulletin
https://lists.isc.org/pipermail/bind-announce/2022-March/001216.html
https://lists.isc.org/pipermail/bind-announce/2022-March/
Mitre's CVE ID
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYjM7gAAKCRDBnEyTZRJg
QtBbAJ9O7En9m3M7l9ba4vxse7MoTbHs9QCfYwvvOooWx84hcZw00I9DaU/FjvY=
=YiMJ
-----END PGP SIGNATURE-----