CVE-2012-5688

Publication date 5 December 2012

Last updated 24 July 2024

Ubuntu priority

ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
bind9	12.10 quantal	Fixed 1:9.8.1.dfsg.P1-4.2ubuntu3.1
	12.04 LTS precise	Fixed 1:9.8.1.dfsg.P1-4ubuntu0.5
	11.10 oneiric	Not affected
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not affected

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

only 9.8.x and higher

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1657-1
Bind vulnerability
6 December 2012

Other references

https://www.isc.org/software/bind/advisories/cve-2012-5688
https://kb.isc.org/article/AA-00828
https://www.cve.org/CVERecord?id=CVE-2012-5688