{"id": "D4C7E9A9-D893-11E6-9B4D-D050996490D0", "bulletinFamily": "unix", "title": "BIND -- multiple vulnerabilities", "description": "\nISC reports:\n\nA malformed query response received by a recursive\n\t server in response to a query of RTYPE ANY could\n\t trigger an assertion failure while named is attempting\n\t to add the RRs in the query response to the cache.\n\n\nDepending on the type of query and the EDNS options\n\t in the query they receive, DNSSEC-enabled authoritative\n\t servers are expected to include RRSIG and other RRsets\n\t in their responses to recursive servers.\n\t DNSSEC-validating servers will also make specific queries\n\t for DS and other RRsets.\n\t Whether DNSSEC-validating or not, an error in processing\n\t malformed query responses that contain DNSSEC-related\n\t RRsets that are inconsistent with other RRsets in the\n\t same query response can trigger an assertion failure.\n\t Although the combination of properties which triggers\n\t the assertion should not occur in normal traffic, it\n\t is potentially possible for the assertion to be triggered\n\t deliberately by an attacker sending a specially-constructed\n\t answer.\n\n\nAn unusually-formed answer containing a DS resource\n\t record could trigger an assertion failure. While the\n\t combination of properties which triggers the assertion\n\t should not occur in normal traffic, it is potentially\n\t possible for the assertion to be triggered deliberately\n\t by an attacker sending a specially-constructed answer\n\t having the required properties.\n\n\nAn error in handling certain queries can cause an\n\t assertion failure when a server is using the\n\t nxdomain-redirect feature to cover a zone for which\n\t it is also providing authoritative service.\n\t A vulnerable server could be intentionally stopped\n\t by an attacker if it was using a configuration that\n\t met the criteria for the vulnerability and if the\n\t attacker could cause it to accept a query that\n\t possessed the required attributes.\n\n", "published": "2017-01-11T00:00:00", "modified": "2017-01-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://vuxml.freebsd.org/freebsd/d4c7e9a9-d893-11e6-9b4d-d050996490d0.html", "reporter": "FreeBSD", "references": ["https://kb.isc.org/article/AA-01441/0", "https://kb.isc.org/article/AA-01442/0", "https://kb.isc.org/article/AA-01440/0", "https://kb.isc.org/article/AA-01439/0"], "cvelist": ["CVE-2016-9778", "CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "type": "freebsd", "lastseen": "2019-05-29T18:32:23", "edition": 5, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9778", "CVE-2016-9444"]}, {"type": "archlinux", "idList": ["ASA-201701-15"]}, {"type": "nessus", "idList": ["SUSE_SU-2017-0111-1.NASL", "VIRTUOZZO_VZLSA-2017-0062.NASL", "UBUNTU_USN-3172-1.NASL", "CENTOS_RHSA-2017-0062.NASL", "SUSE_SU-2017-0112-1.NASL", "FREEBSD_PKG_D4C7E9A9D89311E69B4DD050996490D0.NASL", "SL_20170116_BIND_ON_SL7_X.NASL", "FEDORA_2017-8F23F564AD.NASL", "FEDORA_2017-F44F2F5A48.NASL", "BIND9_CVE-2016-9131.NASL"]}, {"type": "f5", "idList": ["F5:K86272821", "F5:K25061316", "F5:K02138183", "F5:K40181790"]}, {"type": "ubuntu", "idList": ["USN-3172-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851477", "OPENVAS:1361412562310851479", "OPENVAS:1361412562310882636", "OPENVAS:1361412562310871745", "OPENVAS:1361412562310872266", "OPENVAS:1361412562310703758", "OPENVAS:1361412562310872267", "OPENVAS:1361412562310843020", "OPENVAS:1361412562310872257", "OPENVAS:1361412562310872258"]}, {"type": "redhat", "idList": ["RHSA-2017:1583", "RHSA-2017:0064", "RHSA-2017:0063", "RHSA-2017:0062"]}, {"type": "suse", "idList": ["SUSE-SU-2017:0113-1", "SUSE-SU-2017:0112-1", "OPENSUSE-SU-2017:0182-1", "SUSE-SU-2017:0111-1", "OPENSUSE-SU-2017:0193-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3758-1:C82ED", "DEBIAN:DLA-805-1:ED696"]}, {"type": "centos", "idList": ["CESA-2017:0063", "CESA-2017:0062", "CESA-2017:0064"]}, {"type": "fedora", "idList": ["FEDORA:93E666087C4C", "FEDORA:42F726062C57", "FEDORA:481386087C4C", "FEDORA:024176062C57"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:98B8C69EA113FBB0158DA9CB82B877A5"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0064", "ELSA-2017-0062"]}, {"type": "gentoo", "idList": ["GLSA-201708-01"]}, {"type": "slackware", "idList": ["SSA-2017-011-01"]}, {"type": "aix", "idList": ["BIND_ADVISORY15.ASC"]}], "modified": "2019-05-29T18:32:23", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2019-05-29T18:32:23", "rev": 2}, "vulnersScore": 5.5}, "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "bind99", "packageVersion": "9.9.9P5"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "bind911", "packageVersion": "9.11.0P2"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "bind9-devel", "packageVersion": "9.12.0.a.2016.12.28"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "FreeBSD", "packageVersion": "10.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "bind910", "packageVersion": "9.10.4P5"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "FreeBSD", "packageVersion": "9.3"}], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T06:28:14", "description": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.", "edition": 5, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-01-16T20:29:00", "title": "CVE-2016-9778", "type": "cve", "cwe": ["CWE-388"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9778"], "modified": "2019-10-09T23:20:00", "cpe": ["cpe:/a:isc:bind:9.9.8", "cpe:/a:isc:bind:9.11.0", "cpe:/a:netapp:solidfire_element_os_management_node:-", "cpe:/a:netapp:data_ontap_edge:-", "cpe:/a:isc:bind:9.9.9"], "id": "CVE-2016-9778", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9778", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.9.8:s3:*:*:*:*:*:*", "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*", "cpe:2.3:a:netapp:solidfire_element_os_management_node:-:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s2:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:13", "description": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2017-01-12T06:59:00", "title": "CVE-2016-9131", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9131"], "modified": "2020-08-19T19:17:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/a:isc:bind:9.9.8", "cpe:/o:redhat:enterprise_linux_eus:7.3", "cpe:/a:isc:bind:9.11.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.3", "cpe:/o:redhat:enterprise_linux_eus:7.2", "cpe:/a:netapp:hci_management_node:-", "cpe:/o:redhat:enterprise_linux_eus:7.7", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:redhat:enterprise_linux_server_workstation:7.0", "cpe:/o:redhat:enterprise_linux_eus:7.4", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_tus:7.2", "cpe:/a:isc:bind:9.10.4", "cpe:/o:redhat:enterprise_linux_eus:7.6", "cpe:/o:redhat:enterprise_linux_server_aus:7.4", "cpe:/a:netapp:solidfire:-", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_server_tus:7.7", "cpe:/a:netapp:steelstore_cloud_integrated_storage:-", "cpe:/o:redhat:enterprise_linux_server_tus:7.3", "cpe:/o:redhat:enterprise_linux_server_aus:7.7", "cpe:/a:netapp:data_ontap_edge:-", "cpe:/o:redhat:enterprise_linux_server_aus:7.2", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:isc:bind:9.9.9", "cpe:/o:redhat:enterprise_linux_eus:7.5", "cpe:/a:isc:bind:9.10.3"], "id": "CVE-2016-9131", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9131", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:b1:*:*:*:*:*:*", "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*", "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:b2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:b3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:b2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:a1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:b2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:a3:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:a2:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:14", "description": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-12T06:59:00", "title": "CVE-2016-9444", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9444"], "modified": "2018-09-27T10:29:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.9.8", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.11.0", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.7", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.10.1", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.10.2", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.10.4", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.10.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.9.9", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.10.3", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2016-9444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9444", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:13", "description": "named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-12T06:59:00", "title": "CVE-2016-9147", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9147"], "modified": "2018-09-27T10:29:00", "cpe": ["cpe:/a:isc:bind:9.11.0", "cpe:/a:isc:bind:9.10.4", "cpe:/a:isc:bind:9.9.9"], "id": "CVE-2016-9147", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9147", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-06T10:58:45", "description": "ISC reports :\n\nA malformed query response received by a recursive server in response\nto a query of RTYPE ANY could trigger an assertion failure while named\nis attempting to add the RRs in the query response to the cache.\n\nDepending on the type of query and the EDNS options in the query they\nreceive, DNSSEC-enabled authoritative servers are expected to include\nRRSIG and other RRsets in their responses to recursive servers.\nDNSSEC-validating servers will also make specific queries for DS and\nother RRsets. Whether DNSSEC-validating or not, an error in processing\nmalformed query responses that contain DNSSEC-related RRsets that are\ninconsistent with other RRsets in the same query response can trigger\nan assertion failure. Although the combination of properties which\ntriggers the assertion should not occur in normal traffic, it is\npotentially possible for the assertion to be triggered deliberately by\nan attacker sending a specially-constructed answer.\n\nAn unusually-formed answer containing a DS resource record could\ntrigger an assertion failure. While the combination of properties\nwhich triggers the assertion should not occur in normal traffic, it is\npotentially possible for the assertion to be triggered deliberately by\nan attacker sending a specially-constructed answer having the required\nproperties.\n\nAn error in handling certain queries can cause an assertion failure\nwhen a server is using the nxdomain-redirect feature to cover a zone\nfor which it is also providing authoritative service. A vulnerable\nserver could be intentionally stopped by an attacker if it was using a\nconfiguration that met the criteria for the vulnerability and if the\nattacker could cause it to accept a query that possessed the required\nattributes.", "edition": 29, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-13T00:00:00", "title": "FreeBSD : BIND -- multiple vulnerabilities (d4c7e9a9-d893-11e6-9b4d-d050996490d0)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9778", "CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-13T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:bind911", "p-cpe:/a:freebsd:freebsd:bind9-devel", "p-cpe:/a:freebsd:freebsd:bind99", "p-cpe:/a:freebsd:freebsd:bind910"], "id": "FREEBSD_PKG_D4C7E9A9D89311E69B4DD050996490D0.NASL", "href": "https://www.tenable.com/plugins/nessus/96473", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96473);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\", \"CVE-2016-9778\");\n\n script_name(english:\"FreeBSD : BIND -- multiple vulnerabilities (d4c7e9a9-d893-11e6-9b4d-d050996490d0)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nA malformed query response received by a recursive server in response\nto a query of RTYPE ANY could trigger an assertion failure while named\nis attempting to add the RRs in the query response to the cache.\n\nDepending on the type of query and the EDNS options in the query they\nreceive, DNSSEC-enabled authoritative servers are expected to include\nRRSIG and other RRsets in their responses to recursive servers.\nDNSSEC-validating servers will also make specific queries for DS and\nother RRsets. Whether DNSSEC-validating or not, an error in processing\nmalformed query responses that contain DNSSEC-related RRsets that are\ninconsistent with other RRsets in the same query response can trigger\nan assertion failure. Although the combination of properties which\ntriggers the assertion should not occur in normal traffic, it is\npotentially possible for the assertion to be triggered deliberately by\nan attacker sending a specially-constructed answer.\n\nAn unusually-formed answer containing a DS resource record could\ntrigger an assertion failure. While the combination of properties\nwhich triggers the assertion should not occur in normal traffic, it is\npotentially possible for the assertion to be triggered deliberately by\nan attacker sending a specially-constructed answer having the required\nproperties.\n\nAn error in handling certain queries can cause an assertion failure\nwhen a server is using the nxdomain-redirect feature to cover a zone\nfor which it is also providing authoritative service. A vulnerable\nserver could be intentionally stopped by an attacker if it was using a\nconfiguration that met the criteria for the vulnerability and if the\nattacker could cause it to accept a query that possessed the required\nattributes.\"\n );\n # https://kb.isc.org/article/AA-01439/0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01439\"\n );\n # https://kb.isc.org/article/AA-01440/0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01440\"\n );\n # https://kb.isc.org/article/AA-01441/0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01441\"\n );\n # https://kb.isc.org/article/AA-01442/0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01442\"\n );\n # https://vuxml.freebsd.org/freebsd/d4c7e9a9-d893-11e6-9b4d-d050996490d0.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b699364\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind910\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind911\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind99<9.9.9P5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind910<9.10.4P5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind911<9.11.0P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind9-devel<=9.12.0.a.2016.12.28\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-01T01:24:07", "description": "According to its self-reported version number, the instance of ISC\nBIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P5 or\n9.9.9-S7, 9.10.x prior to 9.10.4-P5, or 9.11.x prior to 9.11.0-P2. It\nis, therefore, affected by multiple denial of service\nvulnerabilities :\n\n - A denial of service vulnerability exists in named due to\n a flaw that is triggered during the handling of a\n specially crafted answer packet in a response to an\n RTYPE ANY query. An unauthenticated, remote attacker can\n exploit this to cause an assertion failure and daemon\n exit. Note that this vulnerability affects versions\n 9.4.0 to 9.6-ESV-R11-W1, 9.8.5 to 9.8.8, 9.9.3 to\n 9.9.9-P4, 9.9.9-S1 to 9.9.9-S6, 9.10.0 to 9.10.4-P4, and\n 9.11.0 to 9.11.0-P1. (CVE-2016-9131)\n\n - A denial of service vulnerability exists in named in\n DNSSEC-enabled authoritative servers that is triggered\n during the handling of a query response that contains\n inconsistent DNSSEC information. An unauthenticated,\n remote attacker can exploit this to cause an assertion\n failure and daemon exit. Note that this vulnerability\n affects versions 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and\n 9.11.0-P1. (CVE-2016-9147)\n\n - A denial of service vulnerability exists in named due to\n a flaw that is triggered during the handling of a\n specially crafted answer that contains a DS resource\n record. An unauthenticated, remote attacker can exploit\n this to cause an assertion failure and daemon exit. Note\n that this vulnerability affects versions 9.6-ESV-R9 to\n 9.6-ESV-R11-W1, 9.8.5 to 9.8.8, 9.9.3 to 9.9.9-P4,\n 9.9.9-S1 to 9.9.9-S6, 9.10.0 to 9.10.4-P4, and 9.11.0 to\n 9.11.0-P1. (CVE-2016-9444)\n\n - A denial of service vulnerability exists in named in the\n nxdomain-redirect functionality that is triggered when\n handling a specially crafted query. An unauthenticated,\n remote attacker can exploit this to cause a REQUIRE\n assertion failure and daemon exit. Note that this\n vulnerability affects versions 9.9.8-S1 to 9.9.8-S3,\n 9.9.9-S1 to 9.9.9-S6, and 9.11.0-9.11.0 to P1.\n (CVE-2016-9778)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 35, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-19T00:00:00", "title": "ISC BIND 9 < 9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 / 9.11.0-P2 Multiple DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9778", "CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_CVE-2016-9131.NASL", "href": "https://www.tenable.com/plugins/nessus/96625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96625);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/07 17:08:17\");\n\n script_cve_id(\n \"CVE-2016-9131\",\n \"CVE-2016-9147\",\n \"CVE-2016-9444\",\n \"CVE-2016-9778\"\n );\n script_bugtraq_id(\n 95386,\n 95388,\n 95390,\n 95393\n );\n\n script_name(english:\"ISC BIND 9 < 9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 / 9.11.0-P2 Multiple DoS\");\n script_summary(english:\"Checks the version of BIND.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by multiple denial of service\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the instance of ISC\nBIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P5 or\n9.9.9-S7, 9.10.x prior to 9.10.4-P5, or 9.11.x prior to 9.11.0-P2. It\nis, therefore, affected by multiple denial of service\nvulnerabilities :\n\n - A denial of service vulnerability exists in named due to\n a flaw that is triggered during the handling of a\n specially crafted answer packet in a response to an\n RTYPE ANY query. An unauthenticated, remote attacker can\n exploit this to cause an assertion failure and daemon\n exit. Note that this vulnerability affects versions\n 9.4.0 to 9.6-ESV-R11-W1, 9.8.5 to 9.8.8, 9.9.3 to\n 9.9.9-P4, 9.9.9-S1 to 9.9.9-S6, 9.10.0 to 9.10.4-P4, and\n 9.11.0 to 9.11.0-P1. (CVE-2016-9131)\n\n - A denial of service vulnerability exists in named in\n DNSSEC-enabled authoritative servers that is triggered\n during the handling of a query response that contains\n inconsistent DNSSEC information. An unauthenticated,\n remote attacker can exploit this to cause an assertion\n failure and daemon exit. Note that this vulnerability\n affects versions 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and\n 9.11.0-P1. (CVE-2016-9147)\n\n - A denial of service vulnerability exists in named due to\n a flaw that is triggered during the handling of a\n specially crafted answer that contains a DS resource\n record. An unauthenticated, remote attacker can exploit\n this to cause an assertion failure and daemon exit. Note\n that this vulnerability affects versions 9.6-ESV-R9 to\n 9.6-ESV-R11-W1, 9.8.5 to 9.8.8, 9.9.3 to 9.9.9-P4,\n 9.9.9-S1 to 9.9.9-S6, 9.10.0 to 9.10.4-P4, and 9.11.0 to\n 9.11.0-P1. (CVE-2016-9444)\n\n - A denial of service vulnerability exists in named in the\n nxdomain-redirect functionality that is triggered when\n handling a specially crafted query. An unauthenticated,\n remote attacker can exploit this to cause a REQUIRE\n assertion failure and daemon exit. Note that this\n vulnerability affects versions 9.9.8-S1 to 9.9.8-S3,\n 9.9.9-S1 to 9.9.9-S6, and 9.11.0-9.11.0 to P1.\n (CVE-2016-9778)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/article/AA-01439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/article/AA-01440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/article/AA-01441\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/docs/aa-01442\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to ISC BIND version 9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 /\n9.11.0-P2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9131\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/19\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"bind/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (\n # 9.4.0 - 9.6\n ver =~ \"^9\\.[4-6]($|[^0-9])\" ||\n\n # 9.8.5 - 9.8.8\n ver =~ \"^9\\.8\\.[5-8]($|[^0-9])\" ||\n\n # 9.9.3 - 9.9.8\n ver =~ \"^9\\.9\\.[3-8]($|[^0-9])\" ||\n\n # 9.9.8-S1 - 9.9.8-S3\n ver =~ \"^9\\.9\\.8(-S[1-3])$\" ||\n\n # 9.9.9 <= 9.9.9-P4/9.9.9-S6\n ver =~ \"^9\\.9\\.9((([ab]|beta|rc)[0-9]*)|(-P[0-4])|(-S[0-6]))?$\" ||\n\n # 9.10.x <= 9.10.4-P4\n ver =~ \"^9\\.10\\.[0-3]($|[^0-9])\" ||\n ver =~ \"^9\\.10\\.4((([ab]|beta|rc)[0-9]*)|(-P[0-4]))?$\" ||\n\n # 9.11.0.x <= 9.11.0-P1\n ver =~ \"^9\\.11\\.0((([ab]|beta|rc)[0-9]*)|(-P[0-1]))?$\"\n)\n{\n items = make_array(\n \"Installed version\", ver,\n \"Fixed version\", \"9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 / 9.11.0-P2\"\n );\n order = make_list(\"Installed version\", \"Fixed version\");\n security_report_v4(\n severity:SECURITY_WARNING,\n port:53,\n proto:\"udp\",\n extra:report_items_str(\n report_items:items,\n ordered_fields:order\n )\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"BIND\", 53, ver, \"UDP\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:14:07", "description": "An update for bind is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es) :\n\n* A denial of service flaw was found in the way BIND processed a\nresponse to an ANY query. A remote attacker could use this flaw to\nmake named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.", "edition": 31, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-07-13T00:00:00", "title": "Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-0062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-07-13T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:bind", "cpe:/o:virtuozzo:virtuozzo:7", "p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11-devel", "p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11", "p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11-utils", "p-cpe:/a:virtuozzo:virtuozzo:bind-sdb", "p-cpe:/a:virtuozzo:virtuozzo:bind-libs", "p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11-libs", "p-cpe:/a:virtuozzo:virtuozzo:bind-utils", "p-cpe:/a:virtuozzo:virtuozzo:bind-devel", "p-cpe:/a:virtuozzo:virtuozzo:bind-sdb-chroot", "p-cpe:/a:virtuozzo:virtuozzo:bind-chroot", "p-cpe:/a:virtuozzo:virtuozzo:bind-license", "p-cpe:/a:virtuozzo:virtuozzo:bind-libs-lite", "p-cpe:/a:virtuozzo:virtuozzo:bind-lite-devel"], "id": "VIRTUOZZO_VZLSA-2017-0062.NASL", "href": "https://www.tenable.com/plugins/nessus/101407", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101407);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2016-9131\",\n \"CVE-2016-9147\",\n \"CVE-2016-9444\"\n );\n\n script_name(english:\"Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-0062)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for bind is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es) :\n\n* A denial of service flaw was found in the way BIND processed a\nresponse to an ANY query. A remote attacker could use this flaw to\nmake named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0062.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7cbbdede\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0062\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind / bind-chroot / bind-devel / bind-libs / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"bind-9.9.4-38.vl7.1\",\n \"bind-chroot-9.9.4-38.vl7.1\",\n \"bind-devel-9.9.4-38.vl7.1\",\n \"bind-libs-9.9.4-38.vl7.1\",\n \"bind-libs-lite-9.9.4-38.vl7.1\",\n \"bind-license-9.9.4-38.vl7.1\",\n \"bind-lite-devel-9.9.4-38.vl7.1\",\n \"bind-pkcs11-9.9.4-38.vl7.1\",\n \"bind-pkcs11-devel-9.9.4-38.vl7.1\",\n \"bind-pkcs11-libs-9.9.4-38.vl7.1\",\n \"bind-pkcs11-utils-9.9.4-38.vl7.1\",\n \"bind-sdb-9.9.4-38.vl7.1\",\n \"bind-sdb-chroot-9.9.4-38.vl7.1\",\n \"bind-utils-9.9.4-38.vl7.1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:11:51", "description": "Security fix for CVE-2016-9131, CVE-2016-9147, CVE-2016-9444\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 20, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-17T00:00:00", "title": "Fedora 24 : bind99 (2017-8f23f564ad)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-17T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:24", "p-cpe:/a:fedoraproject:fedora:bind99"], "id": "FEDORA_2017-8F23F564AD.NASL", "href": "https://www.tenable.com/plugins/nessus/96540", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8f23f564ad.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96540);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_xref(name:\"FEDORA\", value:\"2017-8f23f564ad\");\n\n script_name(english:\"Fedora 24 : bind99 (2017-8f23f564ad)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-9131, CVE-2016-9147, CVE-2016-9444\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f23f564ad\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind99 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"bind99-9.9.9-4.P5.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind99\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:11:47", "description": "Security fix for CVE-2016-9131, CVE-2016-9147, CVE-2016-9444\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 20, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-16T00:00:00", "title": "Fedora 25 : 32:bind (2017-87992a0557)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-16T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:32:bind"], "id": "FEDORA_2017-87992A0557.NASL", "href": "https://www.tenable.com/plugins/nessus/96503", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-87992a0557.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96503);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_xref(name:\"FEDORA\", value:\"2017-87992a0557\");\n\n script_name(english:\"Fedora 25 : 32:bind (2017-87992a0557)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-9131, CVE-2016-9147, CVE-2016-9444\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-87992a0557\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 32:bind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:32:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"bind-9.10.4-3.P5.fc25\", epoch:\"32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"32:bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T14:25:19", "description": "This update for bind fixes the following issues :\n\n - Fix a potential assertion failure that could have been\n triggered by a malformed response to an ANY query,\n thereby facilitating a denial-of-service attack.\n [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been\n triggered by responding to a query with inconsistent\n DNSSEC information, thereby facilitating a\n denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been\n triggered by DNS responses that contain unusually-formed\n DS resource records, facilitating a denial-of-service\n attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 31, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-12T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0111-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bind-chrootenv", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:bind", "p-cpe:/a:novell:suse_linux:bind-debugsource", "p-cpe:/a:novell:suse_linux:bind-debuginfo", "p-cpe:/a:novell:suse_linux:bind-utils-debuginfo", "p-cpe:/a:novell:suse_linux:bind-utils", "p-cpe:/a:novell:suse_linux:bind-libs-debuginfo", "p-cpe:/a:novell:suse_linux:bind-libs"], "id": "SUSE_SU-2017-0111-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96433", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0111-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96433);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0111-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bind fixes the following issues :\n\n - Fix a potential assertion failure that could have been\n triggered by a malformed response to an ANY query,\n thereby facilitating a denial-of-service attack.\n [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been\n triggered by responding to a query with inconsistent\n DNSSEC information, thereby facilitating a\n denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been\n triggered by DNS responses that contain unusually-formed\n DS resource records, facilitating a denial-of-service\n attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9131/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9147/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9444/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170111-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c06a0df5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-54=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2017-54=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-54=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-54=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-54=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-54=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2017-54=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-chrootenv-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-debugsource-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-utils-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-utils-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-debuginfo-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-chrootenv-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-debugsource-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-utils-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-utils-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-debugsource-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-utils-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-utils-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-debugsource-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-utils-9.9.9P1-53.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-utils-debuginfo-9.9.9P1-53.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-01T05:33:53", "description": "An update for bind is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es) :\n\n* A denial of service flaw was found in the way BIND processed a\nresponse to an ANY query. A remote attacker could use this flaw to\nmake named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.", "edition": 32, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-16T00:00:00", "title": "RHEL 7 : bind (RHSA-2017:0062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind-sdb-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-lite-devel", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "cpe:/o:redhat:enterprise_linux:7.5", "p-cpe:/a:redhat:enterprise_linux:bind-pkcs11", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:bind-license", "p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs-lite", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-utils", "p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-libs", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-debuginfo"], "id": "REDHAT-RHSA-2017-0062.NASL", "href": "https://www.tenable.com/plugins/nessus/96523", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0062. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96523);\n script_version(\"3.14\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_xref(name:\"RHSA\", value:\"2017:0062\");\n\n script_name(english:\"RHEL 7 : bind (RHSA-2017:0062)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for bind is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es) :\n\n* A denial of service flaw was found in the way BIND processed a\nresponse to an ANY query. A remote attacker could use this flaw to\nmake named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\"\n );\n # https://kb.isc.org/article/AA-01439\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01439\"\n );\n # https://kb.isc.org/article/AA-01440\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01440\"\n );\n # https://kb.isc.org/article/AA-01441\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9444\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0062\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-chroot-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-chroot-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-debuginfo-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-devel-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-libs-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-libs-lite-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-license-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-lite-devel-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-pkcs11-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-pkcs11-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-pkcs11-devel-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"bind-pkcs11-libs-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-pkcs11-utils-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-pkcs11-utils-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-sdb-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-sdb-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-sdb-chroot-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-sdb-chroot-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bind-utils-9.9.4-38.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bind-utils-9.9.4-38.el7_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:14:54", "description": "Security fix for CVE-2016-9131, CVE-2016-9147, CVE-2016-9444\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 20, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-16T00:00:00", "title": "Fedora 25 : bind99 (2017-f44f2f5a48)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-16T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:bind99"], "id": "FEDORA_2017-F44F2F5A48.NASL", "href": "https://www.tenable.com/plugins/nessus/96508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-f44f2f5a48.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96508);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_xref(name:\"FEDORA\", value:\"2017-f44f2f5a48\");\n\n script_name(english:\"Fedora 25 : bind99 (2017-f44f2f5a48)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-9131, CVE-2016-9147, CVE-2016-9444\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-f44f2f5a48\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind99 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"bind99-9.9.9-4.P5.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind99\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:31:06", "description": "This update for bind fixes the following issues :\n\n - Fix a potential assertion failure that could have been\n triggered by a malformed response to an ANY query,\n thereby facilitating a denial-of-service attack.\n [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been\n triggered by responding to a query with inconsistent\n DNSSEC information, thereby facilitating a\n denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been\n triggered by DNS responses that contain unusually-formed\n DS resource records, facilitating a denial-of-service\n attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]", "edition": 20, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-18T00:00:00", "title": "openSUSE Security Update : bind (openSUSE-2017-109)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind-debugsource", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:bind-lwresd", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-utils-debuginfo", "p-cpe:/a:novell:opensuse:bind"], "id": "OPENSUSE-2017-109.NASL", "href": "https://www.tenable.com/plugins/nessus/96581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-109.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96581);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-2017-109)\");\n script_summary(english:\"Check for the openSUSE-2017-109 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bind fixes the following issues :\n\n - Fix a potential assertion failure that could have been\n triggered by a malformed response to an ANY query,\n thereby facilitating a denial-of-service attack.\n [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been\n triggered by responding to a query with inconsistent\n DNSSEC information, thereby facilitating a\n denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been\n triggered by DNS responses that contain unusually-formed\n DS resource records, facilitating a denial-of-service\n attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1018699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1018700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1018701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1018702\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-chrootenv-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-debuginfo-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-debugsource-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-devel-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-libs-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-libs-debuginfo-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-lwresd-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-lwresd-debuginfo-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-utils-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bind-utils-debuginfo-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.6P1-2.28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chrootenv / bind-debuginfo / bind-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:51:06", "description": "From Red Hat Security Advisory 2017:0062 :\n\nAn update for bind is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es) :\n\n* A denial of service flaw was found in the way BIND processed a\nresponse to an ANY query. A remote attacker could use this flaw to\nmake named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.", "edition": 28, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-01-18T00:00:00", "title": "Oracle Linux 7 : bind (ELSA-2017-0062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "modified": "2017-01-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-license", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:bind-pkcs11-utils", "p-cpe:/a:oracle:linux:bind-pkcs11-libs", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-pkcs11-devel", "p-cpe:/a:oracle:linux:bind-lite-devel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:bind-libs-lite", "p-cpe:/a:oracle:linux:bind-pkcs11", "p-cpe:/a:oracle:linux:bind-sdb-chroot"], "id": "ORACLELINUX_ELSA-2017-0062.NASL", "href": "https://www.tenable.com/plugins/nessus/96584", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0062 and \n# Oracle Linux Security Advisory ELSA-2017-0062 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96584);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_xref(name:\"RHSA\", value:\"2017:0062\");\n\n script_name(english:\"Oracle Linux 7 : bind (ELSA-2017-0062)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0062 :\n\nAn update for bind is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es) :\n\n* A denial of service flaw was found in the way BIND processed a\nresponse to an ANY query. A remote attacker could use this flaw to\nmake named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006643.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-chroot-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-devel-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-libs-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-libs-lite-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-license-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-lite-devel-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-pkcs11-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-pkcs11-devel-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-pkcs11-libs-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-pkcs11-utils-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-sdb-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-sdb-chroot-9.9.4-38.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-utils-9.9.4-38.el7_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-libs-lite / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:44", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444", "CVE-2016-9778"], "description": "Arch Linux Security Advisory ASA-201701-15\n==========================================\n\nSeverity: High\nDate : 2017-01-12\nCVE-ID : CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 CVE-2016-9778\nPackage : bind\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-132\n\nSummary\n=======\n\nThe package bind before version 9.11.0.P2-1 is vulnerable to denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 9.11.0.P2-1.\n\n# pacman -Syu \"bind>=9.11.0.P2-1\"\n\nThe problems have been fixed upstream in version 9.11.0.P2.\n\nWorkaround\n==========\n\nNone\n\nDescription\n===========\n\n- CVE-2016-9131 (denial of service)\n\nA denial of service flaw was found in the way BIND processed a response\nto an ANY query. A remote attacker could use this flaw to make named\nexit unexpectedly with an assertion failure via a specially crafted DNS\nresponse.\n\n- CVE-2016-9147 (denial of service)\n\nA denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response.\n\n- CVE-2016-9444 (denial of service)\n\nA denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a\nspecially crafted DNS response.\n\n- CVE-2016-9778 (denial of service)\n\nA denial of service flaw was found in the way BIND handled certain\nqueries using the nxdomain-redirect feature to cover a zone for which\nit is also providing authoritative service. A remote attacker could use\nthis flaw to make named exit unexpectedly with an assertion failure via\na specially crafted DNS response.\n\nImpact\n======\n\nA remote attacker can crash the server by performing crafted queries\nunder certain circumstances.\n\nReferences\n==========\n\nhttps://kb.isc.org/article/AA-01439/0\nhttps://kb.isc.org/article/AA-01440/0\nhttps://kb.isc.org/article/AA-01441/0\nhttps://kb.isc.org/article/AA-01442/0\nhttps://security.archlinux.org/CVE-2016-9131\nhttps://security.archlinux.org/CVE-2016-9147\nhttps://security.archlinux.org/CVE-2016-9444\nhttps://security.archlinux.org/CVE-2016-9778", "modified": "2017-01-12T00:00:00", "published": "2017-01-12T00:00:00", "id": "ASA-201701-15", "href": "https://security.archlinux.org/ASA-201701-15", "type": "archlinux", "title": "[ASA-201701-15] bind: denial of service", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2020-04-06T22:40:26", "bulletinFamily": "software", "cvelist": ["CVE-2016-9778"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP AAM | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | Not vulnerable | None \nBIG-IP AFM | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | Not vulnerable | None \nBIG-IP Analytics | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP APM | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP ASM | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP DNS | None | 12.0.0 - 12.1.2 | Not vulnerable | None \nBIG-IP Edge Gateway | None | 11.2.1 | Not vulnerable | None \nBIG-IP GTM | None | 11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP Link Controller | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP PEM | None | 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | Not vulnerable | None \nBIG-IP PSM | None | 11.4.0 - 11.4.1 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 | Not vulnerable | None \nBIG-IP WebSafe | None | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | Not vulnerable | None \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable1 | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable1 | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.1.0 \n4.6.0 | Not vulnerable1 | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable1 | None \nF5 iWorkflow | None | 2.0.0 | Not vulnerable1 | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None \n \n1The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2019-01-23T22:12:00", "published": "2017-01-11T22:17:00", "id": "F5:K25061316", "href": "https://support.f5.com/csp/article/K25061316", "title": "BIND vulnerability CVE-2016-9778", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-06T22:39:31", "bulletinFamily": "software", "cvelist": ["CVE-2016-9131"], "description": "\nF5 Product Development has assigned ID 636699 (BIG-IP) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later \n11.3.0 HF7 and later \n11.2.1 HF9 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 \n11.3.0 - 11.3.0 HF6 \n11.0.0 - 11.2.1 HF8 \n10.1.0 - 10.2.4 | High | BIND \nBIG-IP AAM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 | High | BIND \nBIG-IP AFM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 | High | BIND \nBIG-IP Analytics | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later \n11.3.0 HF7 and later \n11.2.1 HF9 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 \n11.3.0 - 11.3.0 HF6 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP APM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later \n11.3.0 HF7 and later \n11.2.1 HF9 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 \n11.3.0 - 11.3.0 HF6 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP ASM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later \n11.3.0 HF7 and later \n11.2.1 HF9 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 \n11.3.0 - 11.3.0 HF6 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP DNS | 13.0.0 \n12.0.0 - 12.1.2 | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 | High | BIND \nBIG-IP Edge Gateway | 11.2.1 HF9 and later | 11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP GTM | 11.4.1 - 11.6.1 \n11.4.0 HF3 and later \n11.3.0 HF7 and later \n11.2.1 HF9 and later | 11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 \n11.3.0 - 11.3.0 HF6 \n11.0.0 - 11.2.1 HF8 \n10.1.0 - 10.2.4 | High | BIND \nBIG-IP Link Controller | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later \n11.3.0 HF7 and later \n11.2.1 HF9 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 \n11.3.0 - 11.3.0 HF6 \n11.0.0 - 11.2.1 HF8 \n10.1.0 - 10.2.4 | High | BIND \nBIG-IP PEM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.4.0 HF3 and later | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 \n11.5.5 \n11.5.4 HF3 \n11.4.0 - 11.4.0 HF2 | High | BIND \nBIG-IP PSM | 11.4.1 \n11.4.0 HF3 and later | 11.4.0 - 11.4.0 HF2 | High | BIND \nBIG-IP WebAccelerator | 11.2.1 HF9 and later | 11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP WebSafe | 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | 13.1.0 \n13.0.0 HF1 \n12.1.3 \n12.1.2 HF1 \n11.6.2 | High | BIND \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable1 | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable1 | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.3.0 \n4.6.0 | Not vulnerable1 | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable1 | None \nF5 iWorkflow | None | 2.0.0 - 2.3.0 | Not vulnerable1 | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable1 | None \nTraffix SDC | None | 4.0.0 - 5.1.0 | Not vulnerable | None \n \n1The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can use an iRule to drop client RTYPE=ANY queries.\n\n**Impact of action:** The impact of the suggested mitigation will depend on the specific environment. F5 recommends that you test any such changes during a maintenance window and consider the possible impact on your specific environment.\n\n * [K17329: BIG-IP GTM name has changed to BIG-IP DNS](<https://support.f5.com/csp/article/K17329>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n", "edition": 1, "modified": "2019-05-09T00:42:00", "published": "2017-01-13T05:16:00", "id": "F5:K86272821", "href": "https://support.f5.com/csp/article/K86272821", "title": "BIND vulnerability CVE-2016-9131", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-06T22:39:24", "bulletinFamily": "software", "cvelist": ["CVE-2016-9444"], "description": "\nF5 Product Development has assigned ID 636702 (BIG-IP) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.0.0 - 12.1.2 \n11.3.0 - 11.6.1 \n11.2.1 HF9 and later | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP AAM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 | High | BIND \nBIG-IP AFM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 | High | BIND \nBIG-IP Analytics | 13.0.0 \n12.0.0 - 12.1.2 \n11.3.0 - 11.6.1 \n11.2.1 HF9 and later | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP APM | 13.0.0 \n12.0.0 - 12.1.2 \n11.3.0 - 11.6.1 \n11.2.1 HF9 and later | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP ASM | 13.0.0 \n12.0.0 - 12.1.2 \n11.3.0 - 11.6.1 \n11.2.1 HF9 and later | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP DNS | 13.0.0 \n12.0.0 - 12.1.2 | 13.0.0 HF1 \n12.1.2 HF1 | High | BIND \nBIG-IP Edge Gateway | 11.2.1 HF9 and later | 11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP GTM | 11.3.0 - 11.6.1 \n11.2.1 HF9 and later | 11.6.2 \n11.5.4 HF3 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP Link Controller | 13.0.0 \n12.0.0 - 12.1.2 \n11.3.0 - 11.6.1 \n11.2.1 HF9 and later | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 \n11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP PEM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 \n11.5.4 HF3 | High | BIND \nBIG-IP PSM | 11.3.0 - 11.4.1 \n11.2.1 HF9 and later | 11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP WebAccelerator | 11.3.0 \n11.2.1 HF9 and later | 11.2.1 - 11.2.1 HF8 | High | BIND \nBIG-IP WebSafe | 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | 13.0.0 HF1 \n12.1.2 HF1 \n11.6.2 | High | BIND \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable1 | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable1 | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable1 | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.1.0 \n4.6.0 | Not vulnerable1 | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable1 | None \nF5 iWorkflow | None | 2.0.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable1 | None \nTraffix SDC | None | 4.0.0 - 5.1.0 | Not vulnerable | None \n \n1The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can disable the recursion option on the BIND configuration if it is not required in your environment. To do so, perform the following procedure.\n\n**Impact of action:** This procedure disables the recursion feature in the BIND configuration and restarts the system service that may affect the BIG-IP system responding to DNS queries. F5 recommends that you perform this procedure during a scheduled maintenance period.\n\n 1. Log in to the Advanced Shell (**bash**) of the BIG-IP system as the root user.\n 2. Check if the system has recursion enabled for the **named** service by typing the following command: \n\ngrep \"recursion\\ \" /var/named/config/named.conf\n\nIf the output displays \"**recursion yes**,\" proceed to step 4.\n\n 3. Check if the system has recursion enabled for the **dnscached** service by typing the following command: \n\ngrep \"recursion\\ \" /var/dnscached/config/named.conf\n\nIf the output displays \"**recursion yes,**\" proceed to step 4.\n\n**Note**: The **/var/dnscached/config/named.conf** configuration file is valid only if the BIG-IP system is provisioned or was previously provisioned with the BIG-IP APM module.\n\n 4. Use an editor of your choice to remove the following lines from the target configuration file: \n\nrecursion yes; \nallow-recursion { &lt;IP-Addresses-ACL&gt; };\n\nIf you have more than one file to edit, after evaluating the files in step 2 and step 3, repeat step 4 for the next configuration file.\n\n 5. If you have modified the configuration of the **dnscached** service in step 4, you must restart the **dnscached** service by typing the following command: \n\ntmsh restart /sys service dnscached\n\n 6. If you have modified the configuration of the **named** service in step 4, you must restart the **named **service by typing the following command: \n\ntmsh restart /sys service named\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n", "edition": 1, "modified": "2019-05-09T00:45:00", "published": "2017-01-13T05:27:00", "id": "F5:K40181790", "href": "https://support.f5.com/csp/article/K40181790", "title": "BIND vulnerability CVE-2016-9444", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-06T22:39:54", "bulletinFamily": "software", "cvelist": ["CVE-2016-9147"], "description": "\nF5 Product Development has assigned ID 636700 (BIG-IP) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | High | BIND \nBIG-IP AAM | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | High | BIND \nBIG-IP AFM | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | High | BIND \nBIG-IP Analytics | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | High | BIND \nBIG-IP APM | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | High | BIND \nBIG-IP ASM | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | High | BIND \nBIG-IP DNS | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 | High | BIND \nBIG-IP Edge Gateway | None | 11.2.1 | Not vulnerable | None \nBIG-IP GTM | None | 11.4.0 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP Link Controller | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 | High | BIND \nBIG-IP PEM | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 | High | BIND \nBIG-IP PSM | None | 11.4.0 - 11.4.1 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 | Not vulnerable | None \nBIG-IP WebSafe | 13.0.0 | 13.0.0 HF1 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | High | BIND \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.1.0 \n4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | None | 2.0.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 5.1.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n**Mitigation**\n\nTo mitigate this vulnerability, you can disable the recursion option in the BIND configuration (if it is not required for your environment). To do so, perform the following procedure.\n\n**Impact of procedure:** This procedure disables the recursion feature in the BIND configuration and restarts the system service; this interruption may affect the BIG-IP system responding to DNS queries. F5 recommends that you perform this procedure during a scheduled maintenance period.\n\n 1. Log in to the Advanced Shell (**bash**) of the BIG-IP system as the root user.\n 2. To verify that the system has recursion enabled for the **named** service, type the following command: \n\ngrep \"recursion\\ \" /var/named/config/named.conf\n\nIf the output displays \"**recursion yes**,\" proceed to step 4.\n\n 3. To verify that the system has recursion enabled for the **dnscached** service, type the following command: \n\ngrep \"recursion\\ \" /var/dnscached/config/named.conf\n\nIf the output displays \"**recursion yes**,\" proceed to step 4.\n\n**Note**: The **/var/dnscached/config/named.conf** configuration file is valid only if the BIG-IP system is provisioned, or was previously provisioned, with the BIG-IP APM module.\n\n 4. Use an editor of your choice to remove the following lines from the target configuration file: \n\nrecursion yes; \nallow-recursion { &lt;IP-Addresses-ACL&gt; };\n\n 5. Optional: If you have more than one file to edit, after evaluating the files in step 2 and step 3, repeat step 4 for the next configuration file.\n 6. Optional: If you have modified the configuration of the **dnscached** service in step 4, you must restart the **dnscached** service by typing the following command: \n\ntmsh restart /sys service dnscached\n\n 7. Optional: If you have modified the configuration of the **named** service in step 4, you must restart the **named **service by typing the following command: \n\ntmsh restart /sys service named\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n", "edition": 1, "modified": "2019-05-09T00:46:00", "published": "2017-01-12T22:09:00", "id": "F5:K02138183", "href": "https://support.f5.com/csp/article/K02138183", "title": "BIND vulnerability CVE-2016-9147", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-08-12T00:55:59", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3758-1 security@debian.org\nhttps://www.debian.org/security/ Florian Weimer\nJanuary 11, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nCVE ID : CVE-2016-9131 CVE-2016-9147 CVE-2016-9444\nDebian Bug : 851062 851063 851065\n\nSeveral denial-of-service vulnerabilities (assertion failures) were\ndiscovered in BIND, a DNS server implementation.\n\nCVE-2016-9131\n\n A crafted upstream response to an ANY query could cause an\n assertion failure.\n\nCVE-2016-9147\n\n A crafted upstream response with self-contradicting DNSSEC data\n could cause an assertion failure.\n\nCVE-2016-9444\n\n Specially-crafted upstream responses with a DS record could cause\n an assertion failure.\n\nThese vulnerabilities predominantly affect DNS servers providing\nrecursive service. Client queries to authoritative-only servers\ncannot trigger these assertion failures. These vulnerabilities are\npresent whether or not DNSSEC validation is enabled in the server\nconfiguration.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1:9.9.5.dfsg-9+deb8u9.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2017-01-11T22:15:25", "published": "2017-01-11T22:15:25", "id": "DEBIAN:DSA-3758-1:C82ED", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00008.html", "title": "[SECURITY] [DSA 3758-1] bind9 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:21:40", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "Package : bind9\nVersion : 1:9.8.4.dfsg.P1-6+nmu2+deb7u14\nCVE ID : CVE-2016-9131 CVE-2016-9147 CVE-2016-9444\n\nSeveral denial-of-service vulnerabilities (assertion failures) were\ndiscovered in BIND, a DNS server implementation.\n\nCVE-2016-9131\n\n A crafted upstream response to an ANY query could cause an\n assertion failure.\n\nCVE-2016-9147\n\n A crafted upstream response with self-contradicting DNSSEC data\n could cause an assertion failure.\n\nCVE-2016-9444\n\n Specially-crafted upstream responses with a DS record could cause\n an assertion failure.\n\nThese vulnerabilities predominantly affect DNS servers providing\nrecursive service. Client queries to authoritative-only servers\ncannot trigger these assertion failures. These vulnerabilities are\npresent whether or not DNSSEC validation is enabled in the server\nconfiguration.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n1:9.8.4.dfsg.P1-6+nmu2+deb7u14.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2017-01-29T11:40:23", "published": "2017-01-29T11:40:23", "id": "DEBIAN:DLA-805-1:ED696", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201701/msg00041.html", "title": "[SECURITY] [DLA 805-1] bind9 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:41:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "It was discovered that Bind incorrectly handled certain malformed responses \nto an ANY query. A remote attacker could possibly use this issue to cause \nBind to crash, resulting in a denial of service. (CVE-2016-9131)\n\nIt was discovered that Bind incorrectly handled certain malformed responses \nto an ANY query. A remote attacker could possibly use this issue to cause \nBind to crash, resulting in a denial of service. (CVE-2016-9147)\n\nIt was discovered that Bind incorrectly handled certain malformed DS record \nresponses. A remote attacker could possibly use this issue to cause Bind to \ncrash, resulting in a denial of service. This issue only affected Ubuntu \n14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9444)", "edition": 5, "modified": "2017-01-12T00:00:00", "published": "2017-01-12T00:00:00", "id": "USN-3172-1", "href": "https://ubuntu.com/security/notices/USN-3172-1", "title": "Bind vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2017-01-12T02:04:15", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "edition": 1, "description": "This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\n\n", "modified": "2017-01-12T02:09:49", "published": "2017-01-12T02:09:49", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00015.html", "id": "SUSE-SU-2017:0112-1", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-01-18T12:59:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "edition": 1, "description": "This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "modified": "2017-01-18T12:09:00", "published": "2017-01-18T12:09:00", "id": "OPENSUSE-SU-2017:0193-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00031.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-01-12T02:04:15", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "edition": 1, "description": "This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\n\n - Fixed ldapdump to use a temporary pseudo nameserver that conforms to\n BIND's expected syntax. Prior versions would not work correctly with an\n LDAP backed DNS server. [bsc#965748]\n\n", "modified": "2017-01-12T02:10:52", "published": "2017-01-12T02:10:52", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00016.html", "id": "SUSE-SU-2017:0113-1", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-01-17T18:59:44", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "edition": 1, "description": "This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\n\n", "modified": "2017-01-17T19:45:41", "published": "2017-01-17T19:45:41", "id": "OPENSUSE-SU-2017:0182-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00029.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-01-12T02:04:15", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "edition": 1, "description": "This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\n\n", "modified": "2017-01-12T02:08:43", "published": "2017-01-12T02:08:43", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00014.html", "id": "SUSE-SU-2017:0111-1", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 0.0, "vector": "NONE"}}], "centos": [{"lastseen": "2020-12-08T03:40:38", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "**CentOS Errata and Security Advisory** CESA-2017:0062\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/034251.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-libs-lite\nbind-license\nbind-lite-devel\nbind-pkcs11\nbind-pkcs11-devel\nbind-pkcs11-libs\nbind-pkcs11-utils\nbind-sdb\nbind-sdb-chroot\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0062.html", "edition": 4, "modified": "2017-01-17T13:12:56", "published": "2017-01-17T13:12:56", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/034251.html", "id": "CESA-2017:0062", "title": "bind security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-08T03:37:35", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147"], "description": "**CentOS Errata and Security Advisory** CESA-2017:0063\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name\nSystem (DNS) protocols. BIND includes a DNS server (named); a resolver library\n(routines for applications to use when interfacing with DNS); and tools for\nverifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND handled a query response\ncontaining inconsistent DNSSEC information. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9147)\n\nRed Hat would like to thank ISC for reporting this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/034249.html\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/034252.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0063.html", "edition": 4, "modified": "2017-01-17T13:14:25", "published": "2017-01-17T13:00:14", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/034249.html", "id": "CESA-2017:0063", "title": "bind, caching security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-08T03:40:08", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147"], "description": "**CentOS Errata and Security Advisory** CESA-2017:0064\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name\nSystem (DNS) protocols. BIND includes a DNS server (named); a resolver library\n(routines for applications to use when interfacing with DNS); and tools for\nverifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND handled a query response\ncontaining inconsistent DNSSEC information. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9147)\n\nRed Hat would like to thank ISC for reporting this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/034250.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0064.html", "edition": 4, "modified": "2017-01-17T13:00:47", "published": "2017-01-17T13:00:47", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/034250.html", "id": "CESA-2017:0064", "title": "bind97 security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.", "modified": "2018-04-12T03:33:12", "published": "2017-01-16T09:08:31", "id": "RHSA-2017:0062", "href": "https://access.redhat.com/errata/RHSA-2017:0062", "type": "redhat", "title": "(RHSA-2017:0062) Important: bind security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:21", "bulletinFamily": "unix", "cvelist": ["CVE-2016-8864", "CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444", "CVE-2017-3137"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)\n\n* A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9131)\n\n* A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147)\n\n* A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9444)\n\n* A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3137)\n\nRed Hat would like to thank ISC for reporting these issues. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters of CVE-2016-8864.\n\nBug Fix(es):\n\n* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK) rollover during October 2017. Maintaining an up-to-date KSK is essential for ensuring that validating DNS resolvers continue to function following the rollover. (BZ#1459648)", "modified": "2017-08-28T06:44:20", "published": "2017-06-28T12:01:41", "id": "RHSA-2017:1583", "href": "https://access.redhat.com/errata/RHSA-2017:1583", "type": "redhat", "title": "(RHSA-2017:1583) Important: bind security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:30", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name\nSystem (DNS) protocols. BIND includes a DNS server (named); a resolver library\n(routines for applications to use when interfacing with DNS); and tools for\nverifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND handled a query response\ncontaining inconsistent DNSSEC information. A remote attacker could use this\nflaw to make named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9147)\n\nRed Hat would like to thank ISC for reporting this issue.\n", "modified": "2017-09-08T12:20:29", "published": "2017-01-16T05:00:00", "id": "RHSA-2017:0064", "href": "https://access.redhat.com/errata/RHSA-2017:0064", "type": "redhat", "title": "(RHSA-2017:0064) Important: bind97 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2017-01-16T20:52:08", "published": "2017-01-16T20:52:08", "id": "FEDORA:481386087C4C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: bind99-9.9.9-4.P5.fc24", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2017-01-14T03:54:31", "published": "2017-01-14T03:54:31", "id": "FEDORA:42F726062C57", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: bind-9.10.4-3.P5.fc25", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2017-01-16T20:52:06", "published": "2017-01-16T20:52:06", "id": "FEDORA:93E666087C4C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: bind-9.10.4-3.P5.fc24", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131", "CVE-2016-9147", "CVE-2016-9444"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2017-01-14T03:54:33", "published": "2017-01-14T03:54:33", "id": "FEDORA:024176062C57", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: bind99-9.9.9-4.P5.fc25", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:38", "bulletinFamily": "software", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "# \n\n# **Severity**\n\nMedium\n\n# **Vendor**\n\nUbuntu\n\n# **Versions Affected**\n\n * Ubuntu 14.04 LTS\n\n# **Description**\n\nIt was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. ([CVE-2016-9131](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9131.html>)) \n \nIt was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. ([CVE-2016-9147](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9147.html>)) \n \nIt was discovered that Bind incorrectly handled certain malformed DS record responses. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. ([CVE-2016-9444](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9444.html>))\n\n# **Affected Products and Versions**\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including:\n * 3151.x versions prior to 3151.7\n * 3233.x versions prior to 3233.10\n * 3263.x versions prior to 3263.15\n * All versions of Cloud Foundry cflinuxfs2 prior to v1.45.0\n\n# **Mitigation**\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry team recommends upgrading to the following BOSH stemcells:\n * Upgrade all lower versions of 3151.x to version 3151.7\n * Upgrade all lower versions of 3233.x to version 3233.10\n * Upgrade all lower versions of 3263.x to version 3263.15\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v1.45.0 or later versions\n\n# **References**\n\n * [https://www.ubuntu.com/usn/usn-3172-1/](<https://www.ubuntu.com/usn/usn-3172-1/>)\n * [http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9131.html](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9131.html>)\n * [http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9147.html](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9147.html>)\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9444.html>\n", "edition": 5, "modified": "2017-01-31T00:00:00", "published": "2017-01-31T00:00:00", "id": "CFOUNDRY:98B8C69EA113FBB0158DA9CB82B877A5", "href": "https://www.cloudfoundry.org/blog/usn-3172-1/", "title": "USN-3172-1: Bind vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:33:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-01-14T00:00:00", "id": "OPENVAS:1361412562310872257", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872257", "type": "openvas", "title": "Fedora Update for bind99 FEDORA-2017-f44f2f5a48", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind99 FEDORA-2017-f44f2f5a48\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872257\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-14 05:39:13 +0100 (Sat, 14 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind99 FEDORA-2017-f44f2f5a48\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind99'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind99 on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-f44f2f5a48\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4LITVIVQZED3H6ZATTZXXL6BZW3NYJA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind99\", rpm:\"bind99~9.9.9~4.P5.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "Check the version of bind", "modified": "2019-03-08T00:00:00", "published": "2017-01-18T00:00:00", "id": "OPENVAS:1361412562310882636", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882636", "type": "openvas", "title": "CentOS Update for bind CESA-2017:0062 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2017:0062 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882636\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-18 05:46:18 +0100 (Wed, 18 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for bind CESA-2017:0062 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of bind\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND)\nis an implementation of the Domain Name System (DNS) protocols. BIND includes\na DNS server (named) a resolver library (routines for applications to use\nwhen interfacing with DNS) and tools for verifying that the DNS server is\noperating correctly.\n\nSecurity Fix(es):\n\n * A denial of service flaw was found in the way BIND processed a response\nto an ANY query. A remote attacker could use this flaw to make named exit\nunexpectedly with an assertion failure via a specially crafted DNS\nresponse. (CVE-2016-9131)\n\n * A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n * A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this flaw\nto make named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\");\n script_tag(name:\"affected\", value:\"bind on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0062\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022213.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-lite\", rpm:\"bind-libs-lite~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-license\", rpm:\"bind-license~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-lite-devel\", rpm:\"bind-lite-devel~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11\", rpm:\"bind-pkcs11~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-devel\", rpm:\"bind-pkcs11-devel~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-libs\", rpm:\"bind-pkcs11-libs~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-utils\", rpm:\"bind-pkcs11-utils~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb-chroot\", rpm:\"bind-sdb-chroot~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.4~38.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:28:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2017-01-18T00:00:00", "id": "OPENVAS:1361412562310851477", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851477", "type": "openvas", "title": "openSUSE: Security Advisory for bind (openSUSE-SU-2017:0182-1)", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851477\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-01-18 05:46:25 +0100 (Wed, 18 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for bind (openSUSE-SU-2017:0182-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\");\n\n script_tag(name:\"affected\", value:\"bind on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:0182-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd\", rpm:\"bind-lwresd~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd-debuginfo\", rpm:\"bind-lwresd-debuginfo~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils-debuginfo\", rpm:\"bind-utils-debuginfo~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-doc\", rpm:\"ind-doc~9.9.6P1~2.28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:26:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2017-01-19T00:00:00", "id": "OPENVAS:1361412562310851479", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851479", "type": "openvas", "title": "openSUSE: Security Advisory for bind (openSUSE-SU-2017:0193-1)", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851479\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-01-19 05:42:02 +0100 (Thu, 19 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for bind (openSUSE-SU-2017:0193-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bind fixes the following issues:\n\n - Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a\n denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n - Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n - Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records,\n facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,\n bsc#1018699]\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"bind on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:0193-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd\", rpm:\"bind-lwresd~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd-debuginfo\", rpm:\"bind-lwresd-debuginfo~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils-debuginfo\", rpm:\"bind-utils-debuginfo~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.9P1~45.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-01-17T00:00:00", "id": "OPENVAS:1361412562310872267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872267", "type": "openvas", "title": "Fedora Update for bind FEDORA-2017-59ca54c94e", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2017-59ca54c94e\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872267\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-17 05:49:28 +0100 (Tue, 17 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind FEDORA-2017-59ca54c94e\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-59ca54c94e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BXMP7Q2MK53F2VZY5OZDK6WH2QBZKKCS\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.10.4~3.P5.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-01-14T00:00:00", "id": "OPENVAS:1361412562310872258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872258", "type": "openvas", "title": "Fedora Update for bind FEDORA-2017-87992a0557", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2017-87992a0557\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872258\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-14 05:39:16 +0100 (Sat, 14 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind FEDORA-2017-87992a0557\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-87992a0557\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNQFFH2B2YTO3W62PBERJHXKF5BJLARR\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.10.4~3.P5.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2017-01-13T00:00:00", "id": "OPENVAS:1361412562310843020", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843020", "type": "openvas", "title": "Ubuntu Update for bind9 USN-3172-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for bind9 USN-3172-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843020\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-13 05:42:38 +0100 (Fri, 13 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for bind9 USN-3172-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind9'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Bind incorrectly\n handled certain malformed responses to an ANY query. A remote attacker could\n possibly use this issue to cause Bind to crash, resulting in a denial of service.\n (CVE-2016-9131)\n\nIt was discovered that Bind incorrectly handled certain malformed responses\nto an ANY query. A remote attacker could possibly use this issue to cause\nBind to crash, resulting in a denial of service. (CVE-2016-9147)\n\nIt was discovered that Bind incorrectly handled certain malformed DS record\nresponses. A remote attacker could possibly use this issue to cause Bind to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9444)\");\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3172-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3172-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-3ubuntu0.11\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.10.3.dfsg.P4-10.1ubuntu1.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.10.3.dfsg.P4-8ubuntu1.4\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:57:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "Several denial-of-service vulnerabilities\n(assertion failures) were discovered in BIND, a DNS server implementation.\n\nCVE-2016-9131 \nA crafted upstream response to an ANY query could cause an\nassertion failure.\n\nCVE-2016-9147 \nA crafted upstream response with self-contradicting DNSSEC data\ncould cause an assertion failure.\n\nCVE-2016-9444 \nSpecially-crafted upstream responses with a DS record could cause\nan assertion failure.\n\nThese vulnerabilities predominantly affect DNS servers providing\nrecursive service. Client queries to authoritative-only servers\ncannot trigger these assertion failures. These vulnerabilities are\npresent whether or not DNSSEC validation is enabled in the server\nconfiguration.", "modified": "2017-07-07T00:00:00", "published": "2017-01-11T00:00:00", "id": "OPENVAS:703758", "href": "http://plugins.openvas.org/nasl.php?oid=703758", "type": "openvas", "title": "Debian Security Advisory DSA 3758-1 (bind9 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3758.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3758-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703758);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_name(\"Debian Security Advisory DSA 3758-1 (bind9 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-01-11 00:00:00 +0100 (Wed, 11 Jan 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3758.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"bind9 on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Berkeley Internet Name Domain (BIND)\nimplements an Internet domain name server. BIND is the most widely-used name server\nsoftware on the Internet, and is supported by the Internet Software Consortium,\nwww.isc.org.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 1:9.9.5.dfsg-9+deb8u9.\n\nWe recommend that you upgrade your bind9 packages.\");\n script_tag(name: \"summary\", value: \"Several denial-of-service vulnerabilities\n(assertion failures) were discovered in BIND, a DNS server implementation.\n\nCVE-2016-9131 \nA crafted upstream response to an ANY query could cause an\nassertion failure.\n\nCVE-2016-9147 \nA crafted upstream response with self-contradicting DNSSEC data\ncould cause an assertion failure.\n\nCVE-2016-9444 \nSpecially-crafted upstream responses with a DS record could cause\nan assertion failure.\n\nThese vulnerabilities predominantly affect DNS servers providing\nrecursive service. Client queries to authoritative-only servers\ncannot trigger these assertion failures. These vulnerabilities are\npresent whether or not DNSSEC validation is enabled in the server\nconfiguration.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-export-dev\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-90\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns-export100\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns100\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libirs-export91\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc-export95\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc95\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc90\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg-export90\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg90\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres90\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.9.5.dfsg-9+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:34:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2017-01-16T00:00:00", "id": "OPENVAS:1361412562310871745", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871745", "type": "openvas", "title": "RedHat Update for bind RHSA-2017:0062-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2017:0062-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871745\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-16 17:10:31 +0100 (Mon, 16 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for bind RHSA-2017:0062-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND)\nis an implementation of the Domain Name System (DNS) protocols. BIND includes a\nDNS server (named) a resolver library (routines for applications to use when\ninterfacing with DNS) and tools for verifying that the DNS server is operating\ncorrectly.\n\nSecurity Fix(es):\n\n * A denial of service flaw was found in the way BIND processed a response\nto an ANY query. A remote attacker could use this flaw to make named exit\nunexpectedly with an assertion failure via a specially crafted DNS\nresponse. (CVE-2016-9131)\n\n * A denial of service flaw was found in the way BIND handled a query\nresponse containing inconsistent DNSSEC information. A remote attacker\ncould use this flaw to make named exit unexpectedly with an assertion\nfailure via a specially crafted DNS response. (CVE-2016-9147)\n\n * A denial of service flaw was found in the way BIND handled an\nunusually-formed DS record response. A remote attacker could use this flaw\nto make named exit unexpectedly with an assertion failure via a specially\ncrafted DNS response. (CVE-2016-9444)\n\nRed Hat would like to thank ISC for reporting these issues.\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0062-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00016.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind-license\", rpm:\"bind-license~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-lite\", rpm:\"bind-libs-lite~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11\", rpm:\"bind-pkcs11~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-libs\", rpm:\"bind-pkcs11-libs~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-utils\", rpm:\"bind-pkcs11-utils~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.4~38.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9147", "CVE-2016-9131", "CVE-2016-9444"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-01-17T00:00:00", "id": "OPENVAS:1361412562310872266", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872266", "type": "openvas", "title": "Fedora Update for bind99 FEDORA-2017-8f23f564ad", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind99 FEDORA-2017-8f23f564ad\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872266\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-17 05:49:25 +0100 (Tue, 17 Jan 2017)\");\n script_cve_id(\"CVE-2016-9131\", \"CVE-2016-9147\", \"CVE-2016-9444\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind99 FEDORA-2017-8f23f564ad\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind99'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind99 on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-8f23f564ad\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE6N7NMVO4DYYLH33DO6QD7SRW4IYFO6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind99\", rpm:\"bind99~9.9.9~4.P5.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:14", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9147", "CVE-2016-8864", "CVE-2016-9131", "CVE-2016-9444"], "description": "[32:9.9.4-38.1]\n- Fix CVE-2016-9131 (ISC change 4508)\n- Fix CVE-2016-9147 (ISC change 4510)\n- Fix regression introduced by CVE-2016-8864 (ISC change 4530)\n- Fix CVE-2016-9444 (ISC change 4517)", "edition": 4, "modified": "2017-01-16T00:00:00", "published": "2017-01-16T00:00:00", "id": "ELSA-2017-0062", "href": "http://linux.oracle.com/errata/ELSA-2017-0062.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2017-08-17T07:09:42", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9778", "CVE-2016-9147", "CVE-2017-3136", "CVE-2016-9131", "CVE-2017-3140", "CVE-2017-3135", "CVE-2016-9444", "CVE-2017-3141", "CVE-2017-3137", "CVE-2017-3138"], "description": "### Background\n\nBIND (Berkeley Internet Name Domain) is a Name Server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could send a specially crafted DNS request to the BIND resolver resulting in a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll BIND users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/bind-9.11.1_p1\"", "edition": 1, "modified": "2017-08-17T00:00:00", "published": "2017-08-17T00:00:00", "href": "https://security.gentoo.org/glsa/201708-01", "id": "GLSA-201708-01", "title": "BIND: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "slackware": [{"lastseen": "2020-10-25T16:36:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9778"], "description": "New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\n14.2, and -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/bind-9.10.4_P5-i586-1_slack14.2.txz: Upgraded.\n This update fixes a denial-of-service vulnerability. An error in handling\n certain queries can cause an assertion failure when a server is using the\n nxdomain-redirect feature to cover a zone for which it is also providing\n authoritative service. A vulnerable server could be intentionally stopped\n by an attacker if it was using a configuration that met the criteria for\n the vulnerability and if the attacker could cause it to accept a query\n that possessed the required attributes.\n Please note: This vulnerability affects the \"nxdomain-redirect\" feature,\n which is one of two methods of handling NXDOMAIN redirection, and is only\n available in certain versions of BIND. Redirection using zones of type\n \"redirect\" is not affected by this vulnerability.\n For more information, see:\n https://kb.isc.org/article/AA-01442\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.9_P5-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.9_P5-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.9_P5-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.9_P5-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.9_P5-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.9_P5-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.9_P5-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.9_P5-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.9_P5-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.9_P5-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bind-9.10.4_P5-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bind-9.10.4_P5-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.11.0_P2-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.11.0_P2-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n2ea8577ea39d98836cdb0deea2f56948 bind-9.9.9_P5-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n6cb8e0f9195e2fb3e25210e10b9739d4 bind-9.9.9_P5-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n5b0fa2dd29851c837f7a48a1023d7176 bind-9.9.9_P5-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n817c0df7905719313b0c744e1454c061 bind-9.9.9_P5-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n8533c76b8030a5a4c48783af8549a5a5 bind-9.9.9_P5-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nfea9c90082b2b3e904dbaf4f7d5aed6d bind-9.9.9_P5-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\na1c0b82df84155b5357c79d42a127109 bind-9.9.9_P5-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n376a4483ac1e1b393eeacd2091081dff bind-9.9.9_P5-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n14c0ba19edc9932c61672e9e9ed3a762 bind-9.9.9_P5-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n6f8f9649d18f738c678112da345010c4 bind-9.9.9_P5-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n8a7a15c7a998cec8bbfd654d3bebcfbd bind-9.10.4_P5-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n7166a94c957fb41a96e70d32802bfaab bind-9.10.4_P5-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n1f3b4f95db313d0fa1d25f983a6e3026 n/bind-9.11.0_P2-i586-1.txz\n\nSlackware x86_64 -current package:\n00ed272b937c60aab8acff02bce347a0 n/bind-9.11.0_P2-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.10.4_P5-i586-1_slack14.2.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "modified": "2017-01-12T01:20:28", "published": "2017-01-12T01:20:28", "id": "SSA-2017-011-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.602456", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "aix": [{"lastseen": "2020-04-22T00:52:05", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9131"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Tue Mar 7 15:49:49 CST 2017\n|Updated: Mon Oct 2 11:03:19 CDT 2017\n|Update 1: Changed impacted fileset for AIX 7200-01.\n| Changed from: bos.net.tcp.client_core\n| to: bos.net.tcp.bind_utils 7.2.1.0-7.2.1.1.\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc\nhttps://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc\nftp://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc\n\n\nSecurity Bulletin: Vulnerability in BIND impact AIX (CVE-2016-9131)\n \n===============================================================================\n\nSUMMARY:\n\n There is a vulnerability in BIND that impacts AIX.\n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2016-9131 \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131\n DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by the\n improper handling of responses during recursion. By sending a malformed \n response to a RTYPE ANY query, a remote attacker could exploit this \n vulnerability to trigger an assertion failure.\n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/120472 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n \n\n AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 5.3, 6.1, 7.1, 7.2\n \n The following fileset levels are vulnerable:\n \n key_fileset = aix\n\n Fileset Lower Level Upper Level KEY \n ------------------------------------------------------------\n bos.net.tcp.client 5.3.12.0 5.3.12.10 key_w_fs\n bos.net.tcp.client 6.1.9.0 6.1.9.200 key_w_fs\n bos.net.tcp.client 7.1.3.0 7.1.3.48 key_w_fs\n bos.net.tcp.client 7.1.4.0 7.1.4.30 key_w_fs\n bos.net.tcp.client_core 7.2.0.0 7.2.0.3 key_w_fs\n| bos.net.tcp.bind_utils 7.2.1.0 7.2.1.1 key_w_fs\n\n \n Note: To find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client\n\n REMEDIATION:\n\n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR Availability SP KEY\n ------------------------------------------------\n 5.3.12 IV93366 ** N/A key_w_apar\n 6.1.9 IV93361 ** SP9 key_w_apar\n 7.1.3 IV93362 ** SP9 key_w_apar\n 7.1.4 IV93363 ** SP4 key_w_apar\n 7.2.0 IV93403 ** SP4 key_w_apar\n 7.2.1 IV93365 ** SP2 key_w_apar\n \n ** Please refer to AIX support lifecycle information page for \n availability of Service Packs:\n http://www-01.ibm.com/support/docview.wss?uid=isg3T1012517\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV93366\n http://www.ibm.com/support/docview.wss?uid=isg1IV93361\n http://www.ibm.com/support/docview.wss?uid=isg1IV93362 \n http://www.ibm.com/support/docview.wss?uid=isg1IV93363\n http://www.ibm.com/support/docview.wss?uid=isg1IV93403\n http://www.ibm.com/support/docview.wss?uid=isg1IV93365\n\n https://www.ibm.com/support/docview.wss?uid=isg1IV93366\n https://www.ibm.com/support/docview.wss?uid=isg1IV93361\n https://www.ibm.com/support/docview.wss?uid=isg1IV93362 \n https://www.ibm.com/support/docview.wss?uid=isg1IV93363\n https://www.ibm.com/support/docview.wss?uid=isg1IV93403\n https://www.ibm.com/support/docview.wss?uid=isg1IV93365\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available.\n\n The fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/bind_fix15.tar\n http://aix.software.ibm.com/aix/efixes/security/bind_fix15.tar\n https://aix.software.ibm.com/aix/efixes/security/bind_fix15.tar\n\n The links above are to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n \n AIX Level Interim Fix (*.Z) KEY\n ----------------------------------------------\n 5.3.12.9 IV93366m9a.170215.epkg.Z key_w_fix\n 6.1.9.6 IV93361m8a.170215.epkg.Z key_w_fix\n 6.1.9.7 IV93361m8a.170215.epkg.Z key_w_fix\n 6.1.9.8 IV93361m8a.170215.epkg.Z key_w_fix\n 7.1.3.6 IV93362m8a.170215.epkg.Z key_w_fix\n 7.1.3.7 IV93362m8a.170215.epkg.Z key_w_fix\n 7.1.3.8 IV93362m8a.170215.epkg.Z key_w_fix\n 7.1.4.1 IV93363m3a.170215.epkg.Z key_w_fix\n 7.1.4.2 IV93363m3a.170215.epkg.Z key_w_fix \n 7.1.4.3 IV93363m3a.170215.epkg.Z key_w_fix\n 7.2.0.1 IV93403m3a.170215.epkg.Z key_w_fix\n 7.2.0.2 IV93403m3a.170215.epkg.Z key_w_fix\n 7.2.0.3 IV93403m3a.170215.epkg.Z key_w_fix\n 7.2.1.0 IV93365m1a.170215.epkg.Z key_w_fix\n 7.2.1.1 IV93365m1a.170215.epkg.Z key_w_fix\n\n \n\n Please note that the above table refers to AIX TL/SP level as\n opposed to fileset level, i.e., 7.1.3.5 is AIX 7100-03-05.\n\n \n The above fixes are cumulative and address previously issued\n AIX BIND security bulletins with respect to SP and TL. \n\n To extract the fixes from the tar file:\n\n tar xvf bind_fix15.tar\n cd bind_fix15 \n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 [filename]\" command as the following:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n 53f40b333c357a59ddd41dab42d8dcb0b8f2caf6ac4d10e1accac635eaf63230 IV93366m9a.170215.epkg.Z key_w_csum\n f3c62e3f3cf77d3ad49f7a253437fc1c07664f084a7e6cc9f2edfc434d43a20f IV93361m8a.170215.epkg.Z key_w_csum\n 70315bb6134e3e95423d7861de6ee1a1e2192b82b2d4ad3789aabe7879956f54 IV93362m8a.170215.epkg.Z key_w_csum\n 2ee8b789c628a0d5aa52606fc6cf8ef695da8cadae3fc7065270eaa84b6b980c IV93363m3a.170215.epkg.Z key_w_csum\n 47f7846b5e7b21e12ea6f2d6a18d82192659306449b9be432eca9cba18f6dda2 IV93403m3a.170215.epkg.Z key_w_csum\n 393ef4ed967efe3b08f39ad7f595e62f302db309dd6d78c3fec8b7ac983c6c68 IV93365m1a.170215.epkg.Z key_w_csum\n \n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM Support at\n http://ibm.com/support/ and describe the discrepancy.\n \n openssl dgst -sha1 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]\n \n openssl dgst -sha1 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n https://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e epkg_name -p # where epkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e epkg_name -X # where epkg_name is the name of the\n # interim fix package being installed.\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n Note: Keywords labeled as KEY in this document are used for parsing\n purposes.\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n https://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n https://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Contact IBM Support for questions related to this announcement:\n\n http://ibm.com/support/\n https://ibm.com/support/\n\n \n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n https://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\nhttp://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\nhttps://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS v3 Guide: \n http://www.first.org/cvss/user-guide\n https://www.first.org/cvss/user-guide\n\n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0\n https://www.first.org/cvss/calculator/3.0\n\n\nACKNOWLEDGEMENTS:\n\n None.\n\n\nCHANGE HISTORY:\n\n First Issued: Tue Mar 7 15:49:49 CST 2017\n| Updated: Mon Oct 2 11:03:19 CDT 2017\n| Update 1: Changed impacted fileset for AIX 7200-01.\n| Changed from: bos.net.tcp.client_core\n| to: bos.net.tcp.bind_utils 7.2.1.0-7.2.1.1.\n\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n\n\n", "edition": 13, "modified": "2017-10-02T11:03:19", "published": "2017-03-07T15:49:49", "id": "BIND_ADVISORY15.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc", "title": "There is a vulnerability in BIND that impacts AIX.", "type": "aix", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}