CVE-2014-8500

Impact:
Important
Public Date:
2014-12-08
CWE:
CWE-400
Bugzilla:
1171912: CVE-2014-8500 bind: delegation handling denial of service
A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.

Find out more about CVE-2014-8500 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 5
Base Metrics AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Advanced Update Support 6.5 (bind) RHSA-2016:0078 2016-01-28
Red Hat Enterprise Linux 7 (bind) RHSA-2014:1984 2014-12-12
Red Hat Enterprise Linux Advanced Update Support 6.4 (bind) RHSA-2016:0078 2016-01-28
Red Hat Enterprise Linux 6 (bind) RHSA-2014:1984 2014-12-12
Red Hat Enterprise Linux 5 (bind) RHSA-2014:1984 2014-12-12
Red Hat Enterprise Linux 5 (bind97) RHSA-2014:1985 2014-12-12

Mitigation

External References

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.