{"published": "2010-06-01T00:00:00", "id": "GLSA-201006-11", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "enchantments": {"score": {"value": 6.6, "vector": "NONE", "modified": "2016-09-06T19:46:00", "rev": 2}, "dependencies": {"references": [{"type": "f5", "idList": ["SOL10898", "SOL15787", "SOL15748", "SOL17025"]}, {"type": "cve", "idList": ["CVE-2009-4022", "CVE-2010-0382", "CVE-2010-0097", "CVE-2010-0290"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840373", "OPENVAS:840373", "OPENVAS:67632", "OPENVAS:136141256231069014", "OPENVAS:69014", "OPENVAS:1361412562310100458", "OPENVAS:136141256231067539", "OPENVAS:67539", "OPENVAS:1361412562310870212", "OPENVAS:1361412562310835240"]}, {"type": "redhat", "idList": ["RHSA-2010:0062"]}, {"type": "centos", "idList": ["CESA-2010:0062", "CESA-2009:1620"]}, {"type": "nessus", "idList": ["SUSE_11_2_BIND-100121.NASL", "REDHAT-RHSA-2010-0062.NASL", "SUSE_11_1_BIND-100121.NASL", "CENTOS_RHSA-2010-0062.NASL", "UBUNTU_USN-888-1.NASL", "DEBIAN_DSA-2054.NASL", "MANDRIVA_MDVSA-2010-021.NASL", "ORACLELINUX_ELSA-2010-0062.NASL", "SUSE_11_0_BIND-100121.NASL", "GENTOO_GLSA-201006-11.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10431", "SECURITYVULNS:DOC:22848", "SECURITYVULNS:DOC:23087", "SECURITYVULNS:DOC:23395"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0062"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2054-2:DAD3F", "DEBIAN:DSA-2054-1:C437D"]}, {"type": "ubuntu", "idList": ["USN-888-1"]}, {"type": "slackware", "idList": ["SSA-2010-176-01"]}, {"type": "cert", "idList": ["VU:360341"]}, {"type": "seebug", "idList": ["SSV:14986"]}], "modified": "2016-09-06T19:46:00", "rev": 2}, "vulnersScore": 6.6}, "description": "### Background\n\nISC BIND is the Internet Systems Consortium implementation of the Domain Name System (DNS) protocol. \n\n### Description\n\nMultiple cache poisoning vulnerabilities were discovered in BIND. For further information please consult the CVE entries and the ISC Security Bulletin referenced below. \n\nNote: CVE-2010-0290 and CVE-2010-0382 exist because of an incomplete fix and a regression for CVE-2009-4022. \n\n### Impact\n\nAn attacker could exploit this weakness to poison the cache of a recursive resolver and thus spoof DNS traffic, which could e.g. lead to the redirection of web or mail traffic to malicious sites. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll BIND users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/bind-9.4.3_p5\"", "type": "gentoo", "lastseen": "2016-09-06T19:46:00", "edition": 1, "title": "BIND: Multiple vulnerabilities", "href": "https://security.gentoo.org/glsa/201006-11", "modified": "2010-06-01T00:00:00", "bulletinFamily": "unix", "viewCount": 1, "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "affectedPackage": [{"packageVersion": "9.4.3_p5", "packageName": "net-dns/bind", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt", "OSVersion": "any", "OS": "Gentoo"}], "references": ["https://www.isc.org/advisories/CVE2009-4022", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0382", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022", "https://bugs.gentoo.org/show_bug.cgi?id=301548", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290", "https://bugs.gentoo.org/show_bug.cgi?id=308035"], "reporter": "Gentoo Foundation", "immutableFields": []}

{"f5": [{"lastseen": "2016-11-09T00:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2010-0290", "CVE-2009-4022"], "edition": 1, "description": "Recommended action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n", "modified": "2014-10-27T00:00:00", "published": "2014-10-27T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15748.html", "id": "SOL15748", "title": "SOL15748 - BIND vulnerability CVE-2010-0290", "type": "f5", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:07", "bulletinFamily": "software", "cvelist": ["CVE-2010-0382"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2014-11-03T00:00:00", "published": "2014-11-03T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15787.html", "id": "SOL15787", "title": "SOL15787 - BIND vulnerability CVE-2010-0382", "type": "f5", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:22:59", "bulletinFamily": "software", "cvelist": ["CVE-2009-4022"], "edition": 1, "description": "Vulnerability description and product information:\n\nUnspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed \"at the same time as requesting DNSSEC records (DO).\"\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022>\n\nF5 Product Development is tracked this issue as CR133100 and it was fixed in BIG-IP 10.2.0. For information about upgrading, refer to the BIG-IP LTM, ASM, GTM, PSM, Link Controller, WebAccelerator, APM, WOM, or Edge Gateway release notes.\n", "modified": "2013-07-03T00:00:00", "published": "2009-12-22T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/10000/800/sol10898.html", "id": "SOL10898", "title": "SOL10898 - DNSSEC BIND vulnerability - CVE-2009-4022", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:31", "bulletinFamily": "software", "cvelist": ["CVE-2010-0097"], "edition": 1, "description": "ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records. ([CVE-2010-0097](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097>))\n", "modified": "2015-07-30T00:00:00", "published": "2015-07-30T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/000/sol17025.html", "id": "SOL17025", "title": "SOL17025 - BIND DNSSEC vulnerability CVE-2010-0097", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2017-09-04T14:19:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201006-11.", "modified": "2017-08-28T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:69014", "href": "http://plugins.openvas.org/nasl.php?oid=69014", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201006-11 (BIND)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several cache poisoning vulnerabilities have been found in BIND.\";\ntag_solution = \"All BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.4.3_p5'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201006-11\nhttp://bugs.gentoo.org/show_bug.cgi?id=301548\nhttp://bugs.gentoo.org/show_bug.cgi?id=308035\nhttps://www.isc.org/advisories/CVE2009-4022\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201006-11.\";\n\n \n \n\nif(description)\n{\n script_id(69014);\n script_version(\"$Revision: 7015 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-28 13:51:24 +0200 (Mon, 28 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"Gentoo Security Advisory GLSA 201006-11 (BIND)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.4.3_p5\"), vulnerable: make_list(\"lt 9.4.3_p5\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201006-11.", "modified": "2019-03-14T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:136141256231069014", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069014", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201006-11 (BIND)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201006_11.nasl 14171 2019-03-14 10:22:03Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69014\");\n script_version(\"$Revision: 14171 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 11:22:03 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"Gentoo Security Advisory GLSA 201006-11 (BIND)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Several cache poisoning vulnerabilities have been found in BIND.\");\n script_tag(name:\"solution\", value:\"All BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.4.3_p5'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201006-11\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=301548\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=308035\");\n script_xref(name:\"URL\", value:\"https://www.isc.org/advisories/CVE2009-4022\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201006-11.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.4.3_p5\"), vulnerable: make_list(\"lt 9.4.3_p5\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:49:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2054-1.", "modified": "2017-07-07T00:00:00", "published": "2010-06-10T00:00:00", "id": "OPENVAS:67539", "href": "http://plugins.openvas.org/nasl.php?oid=67539", "type": "openvas", "title": "Debian Security Advisory DSA 2054-1 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2054_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2054-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities are apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2010-0097\nBIND does not properly validate DNSSEC NSEC records, which allows\nremote attackers to add the Authenticated Data (AD) flag to a forged\nNXDOMAIN response for an existing domain.\n\nCVE-2010-0290\nWhen processing crafted responses containing CNAME or DNAME records,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nCVE-2010-0382\nWhen processing certain responses containing out-of-bailiwick data,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\nroll over and die phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using apt-get\ndist-upgrade (or an equivalent aptitude command).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:9.7.0.dfsg-1.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 2054-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202054-1\";\n\n\nif(description)\n{\n script_id(67539);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-10 21:49:43 +0200 (Thu, 10 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"Debian Security Advisory DSA 2054-1 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc52\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns55\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2054-1.", "modified": "2018-01-09T00:00:00", "published": "2010-06-10T00:00:00", "id": "OPENVAS:136141256231067539", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067539", "type": "openvas", "title": "Debian Security Advisory DSA 2054-1 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2054_1.nasl 8338 2018-01-09 08:00:38Z teissa $\n# Description: Auto-generated from advisory DSA 2054-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities are apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2010-0097\nBIND does not properly validate DNSSEC NSEC records, which allows\nremote attackers to add the Authenticated Data (AD) flag to a forged\nNXDOMAIN response for an existing domain.\n\nCVE-2010-0290\nWhen processing crafted responses containing CNAME or DNAME records,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nCVE-2010-0382\nWhen processing certain responses containing out-of-bailiwick data,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\nroll over and die phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using apt-get\ndist-upgrade (or an equivalent aptitude command).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:9.7.0.dfsg-1.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 2054-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202054-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67539\");\n script_version(\"$Revision: 8338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 09:00:38 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-10 21:49:43 +0200 (Thu, 10 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"Debian Security Advisory DSA 2054-1 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc52\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns55\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.6.ESV.R1+dfsg-0+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2054-2.", "modified": "2017-07-07T00:00:00", "published": "2010-07-06T00:00:00", "id": "OPENVAS:67632", "href": "http://plugins.openvas.org/nasl.php?oid=67632", "type": "openvas", "title": "Debian Security Advisory DSA 2054-2 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2054_2.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2054-2 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update restores the PID file location for bind to the location\nbefore the last security update. For reference, here is the original\nadvisory text that explains the security problems fixed:\n\nSeveral cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities are apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2010-0097\nBIND does not properly validate DNSSEC NSEC records, which allows\nremote attackers to add the Authenticated Data (AD) flag to a forged\nNXDOMAIN response for an existing domain.\n\nCVE-2010-0290\nWhen processing crafted responses containing CNAME or DNAME records,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nCVE-2010-0382\nWhen processing certain responses containing out-of-bailiwick data,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\nroll over and die phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using apt-get\ndist-upgrade (or an equivalent aptitude command).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny2.\n\nThe unstable distribution is not affected by the wrong PID file location.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 2054-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202054-2\";\n\n\nif(description)\n{\n script_id(67632);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 02:35:12 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"Debian Security Advisory DSA 2054-2 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns45\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns55\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc45\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc52\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-06T13:05:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2054-2.", "modified": "2018-01-03T00:00:00", "published": "2010-07-06T00:00:00", "id": "OPENVAS:136141256231067632", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067632", "type": "openvas", "title": "Debian Security Advisory DSA 2054-2 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2054_2.nasl 8274 2018-01-03 07:28:17Z teissa $\n# Description: Auto-generated from advisory DSA 2054-2 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update restores the PID file location for bind to the location\nbefore the last security update. For reference, here is the original\nadvisory text that explains the security problems fixed:\n\nSeveral cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities are apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2010-0097\nBIND does not properly validate DNSSEC NSEC records, which allows\nremote attackers to add the Authenticated Data (AD) flag to a forged\nNXDOMAIN response for an existing domain.\n\nCVE-2010-0290\nWhen processing crafted responses containing CNAME or DNAME records,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nCVE-2010-0382\nWhen processing certain responses containing out-of-bailiwick data,\nBIND is subject to a DNS cache poisoning vulnerability, provided that\nDNSSEC validation is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\nroll over and die phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using apt-get\ndist-upgrade (or an equivalent aptitude command).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny2.\n\nThe unstable distribution is not affected by the wrong PID file location.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 2054-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202054-2\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67632\");\n script_version(\"$Revision: 8274 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 08:28:17 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 02:35:12 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"Debian Security Advisory DSA 2054-2 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns45\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns55\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc45\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc52\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres40\", ver:\"9.5.1.dfsg.P3-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.6.ESV.R1+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-11T19:44:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "ISC BIND 9 is prone to a remote cache-poisoning vulnerability.", "modified": "2019-12-10T00:00:00", "published": "2010-01-20T00:00:00", "id": "OPENVAS:1361412562310100458", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100458", "type": "openvas", "title": "ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Updated By : Antu Sanadi <santu@secpod.com> 2010-01-129 #6962\n# Added the CVE-2010-0290 and CVE-2010-0382\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:isc:bind\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100458\");\n script_version(\"2019-12-10T15:03:15+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-10 15:03:15 +0000 (Tue, 10 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 19:30:24 +0100 (Wed, 20 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_bugtraq_id(37865);\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"bind_version.nasl\");\n script_mandatory_keys(\"isc/bind/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37865\");\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/360341\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/aa-00932\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for details.\");\n\n script_tag(name:\"summary\", value:\"ISC BIND 9 is prone to a remote cache-poisoning vulnerability.\");\n\n script_tag(name:\"impact\", value:\"An attacker may leverage this issue to manipulate cache data,\n potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks.\");\n\n script_tag(name:\"affected\", value:\"Versions prior to the following are vulnerable:\n\n BIND 9.4.3-P5 BIND 9.5.2-P2 BIND 9.6.1-P3\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) ) exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version =~ \"^9\\.[0-4]+\" ) {\n if( version_is_less( version:version, test_version: \"9.4.3p5\" ) ) {\n fix = \"9.4.3-P5\";\n VULN = TRUE;\n }\n}\n\nelse if( version =~ \"^9\\.5\" ) {\n if( version_is_less( version:version, test_version:\"9.5.2p2\" ) ) {\n fix = \"9.5.3-P2\";\n VULN = TRUE;\n }\n}\n\nelse if( version =~ \"^9\\.6\" ) {\n if( version_is_less( version:version, test_version:\"9.6.1p3\" ) ) {\n fix = \"9.6.1-P3\";\n VULN = TRUE;\n }\n}\n\nif( VULN ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "Oracle Linux Local Security Checks ELSA-2010-0062", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122397", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122397", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0062", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0062.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122397\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:18:15 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0062\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0062 - bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0062\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0062.html\");\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~4.P1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:54:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2009-4022"], "description": "Check for the Version of BIND", "modified": "2017-12-25T00:00:00", "published": "2010-10-01T00:00:00", "id": "OPENVAS:1361412562310835240", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835240", "type": "openvas", "title": "HP-UX Update for BIND HPSBUX02546", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for BIND HPSBUX02546\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n unauthorized disclosure of information\";\ntag_affected = \"BIND on\n HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX running \n BIND. The vulnerability could be exploited remotely to create a Denial of \n Service (DoS) and permit unauthorized disclosure of information.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02263226\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835240\");\n script_version(\"$Revision: 8244 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 08:29:28 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-01 08:16:52 +0200 (Fri, 01 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02546\");\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"HP-UX Update for BIND HPSBUX02546\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of BIND\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-AUX\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-RUN\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.7.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND2-UPGRADE\", revision:\"C.9.3.2.7.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS-INETD\", patch_list:['PHNE_40339'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS-RUN\", patch_list:['PHNE_40339'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS2-RUN\", patch_list:['PHNE_40339'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.7.0\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BINDv920.INETSVCS-BIND\", revision:\"B.11.11.01.015\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2009-4022"], "description": "Check for the Version of BIND", "modified": "2017-12-13T00:00:00", "published": "2010-10-01T00:00:00", "id": "OPENVAS:835240", "href": "http://plugins.openvas.org/nasl.php?oid=835240", "type": "openvas", "title": "HP-UX Update for BIND HPSBUX02546", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for BIND HPSBUX02546\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n unauthorized disclosure of information\";\ntag_affected = \"BIND on\n HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX running \n BIND. The vulnerability could be exploited remotely to create a Denial of \n Service (DoS) and permit unauthorized disclosure of information.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02263226\");\n script_id(835240);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-01 08:16:52 +0200 (Fri, 01 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02546\");\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_name(\"HP-UX Update for BIND HPSBUX02546\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of BIND\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-AUX\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-RUN\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.7.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND2-UPGRADE\", revision:\"C.9.3.2.7.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS-INETD\", patch_list:['PHNE_40339'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS-RUN\", patch_list:['PHNE_40339'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS2-RUN\", patch_list:['PHNE_40339'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.7.0\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BINDv920.INETSVCS-BIND\", revision:\"B.11.11.01.015\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:24:58", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0062\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If BIND was\nrunning as a DNSSEC-validating resolver, it could incorrectly cache\nNXDOMAIN responses, as if they were valid, for records proven by NSEC or\nNSEC3 to exist. A remote attacker could use this flaw to cause a BIND\nserver to return the bogus, cached NXDOMAIN responses for valid records and\nprevent users from retrieving those records (denial of service).\n(CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND was\nincorrectly caching certain responses without performing proper DNSSEC\nvalidation. CNAME and DNAME records could be cached, without proper DNSSEC\nvalidation, when received from processing recursive client queries that\nrequested DNSSEC records but indicated that checking should be disabled. A\nremote attacker could use this flaw to bypass the DNSSEC validation check\nand perform a cache poisoning attack if the target BIND server was\nreceiving such client queries. (CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-January/028515.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-January/028516.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\n", "edition": 5, "modified": "2010-01-20T17:59:57", "published": "2010-01-20T17:59:57", "href": "http://lists.centos.org/pipermail/centos-announce/2010-January/028515.html", "id": "CESA-2010:0062", "title": "bind, caching security update", "type": "centos", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-12-11T13:31:26", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022", "CVE-2010-0097", "CVE-2010-0290", "CVE-2010-0382"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If BIND was\nrunning as a DNSSEC-validating resolver, it could incorrectly cache\nNXDOMAIN responses, as if they were valid, for records proven by NSEC or\nNSEC3 to exist. A remote attacker could use this flaw to cause a BIND\nserver to return the bogus, cached NXDOMAIN responses for valid records and\nprevent users from retrieving those records (denial of service).\n(CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND was\nincorrectly caching certain responses without performing proper DNSSEC\nvalidation. CNAME and DNAME records could be cached, without proper DNSSEC\nvalidation, when received from processing recursive client queries that\nrequested DNSSEC records but indicated that checking should be disabled. A\nremote attacker could use this flaw to bypass the DNSSEC validation check\nand perform a cache poisoning attack if the target BIND server was\nreceiving such client queries. (CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "modified": "2017-09-08T11:50:41", "published": "2010-01-20T05:00:00", "id": "RHSA-2010:0062", "href": "https://access.redhat.com/errata/RHSA-2010:0062", "type": "redhat", "title": "(RHSA-2010:0062) Moderate: bind security update", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:50", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nMichael Sinatra discovered that BIND was incorrectly caching responses\nwithout performing proper DNSSEC validation, when those responses were\nreceived during the resolution of a recursive client query that requested\nDNSSEC records but indicated that checking should be disabled. A remote\nattacker could use this flaw to bypass the DNSSEC validation check and\nperform a cache poisoning attack if the target BIND server was receiving\nsuch client queries. (CVE-2009-4022)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "modified": "2017-09-08T12:13:25", "published": "2009-11-30T05:00:00", "id": "RHSA-2009:1620", "href": "https://access.redhat.com/errata/RHSA-2009:1620", "type": "redhat", "title": "(RHSA-2009:1620) Moderate: bind security update", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "[30:9.3.6-4.P1.2]\n- NSEC validation code could cause wrong NXDOMAIN responses (#554851,\n CVE-2010-0097)\n- improve fix for CVE-2009-4022 (#538744)\n - {C,D}NAMEs could be returned to clients without proper DNSSEC validation\n - don't validate + cache out-of-bailiwick data returned with a secure answer.\n Refetch it instead. ", "edition": 4, "modified": "2010-01-20T00:00:00", "published": "2010-01-20T00:00:00", "id": "ELSA-2010-0062", "href": "http://linux.oracle.com/errata/ELSA-2010-0062.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022"], "description": "[30:9.3.6-4.P1.1]\n- don't cache unvalidated additional sections (#538744) ", "edition": 4, "modified": "2009-11-30T00:00:00", "published": "2009-11-30T00:00:00", "id": "ELSA-2009-1620", "href": "http://linux.oracle.com/errata/ELSA-2009-1620.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-06T09:26:08", "description": "Updated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If\nBIND was running as a DNSSEC-validating resolver, it could incorrectly\ncache NXDOMAIN responses, as if they were valid, for records proven by\nNSEC or NSEC3 to exist. A remote attacker could use this flaw to cause\na BIND server to return the bogus, cached NXDOMAIN responses for valid\nrecords and prevent users from retrieving those records (denial of\nservice). (CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries.\n(CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.", "edition": 26, "published": "2010-01-21T00:00:00", "title": "CentOS 5 : bind (CESA-2010:0062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-01-21T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-devel", "p-cpe:/a:centos:centos:caching-nameserver", "p-cpe:/a:centos:centos:bind-sdb", "p-cpe:/a:centos:centos:bind-utils", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-chroot", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:bind-libbind-devel"], "id": "CENTOS_RHSA-2010-0062.NASL", "href": "https://www.tenable.com/plugins/nessus/44099", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0062 and \n# CentOS Errata and Security Advisory 2010:0062 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44099);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_bugtraq_id(37118, 37865);\n script_xref(name:\"RHSA\", value:\"2010:0062\");\n\n script_name(english:\"CentOS 5 : bind (CESA-2010:0062)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If\nBIND was running as a DNSSEC-validating resolver, it could incorrectly\ncache NXDOMAIN responses, as if they were valid, for records proven by\nNSEC or NSEC3 to exist. A remote attacker could use this flaw to cause\na BIND server to return the bogus, cached NXDOMAIN responses for valid\nrecords and prevent users from retrieving those records (denial of\nservice). (CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries.\n(CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-January/016477.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a4e3ef7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-January/016478.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b608743b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-chroot-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-devel-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libs-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-sdb-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-utils-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"caching-nameserver-9.3.6-4.P1.el5_4.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:56", "description": "From Red Hat Security Advisory 2010:0062 :\n\nUpdated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If\nBIND was running as a DNSSEC-validating resolver, it could incorrectly\ncache NXDOMAIN responses, as if they were valid, for records proven by\nNSEC or NSEC3 to exist. A remote attacker could use this flaw to cause\na BIND server to return the bogus, cached NXDOMAIN responses for valid\nrecords and prevent users from retrieving those records (denial of\nservice). (CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries.\n(CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : bind (ELSA-2010-0062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:caching-nameserver", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-libbind-devel"], "id": "ORACLELINUX_ELSA-2010-0062.NASL", "href": "https://www.tenable.com/plugins/nessus/67991", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0062 and \n# Oracle Linux Security Advisory ELSA-2010-0062 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67991);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_bugtraq_id(37118, 37865);\n script_xref(name:\"RHSA\", value:\"2010:0062\");\n\n script_name(english:\"Oracle Linux 5 : bind (ELSA-2010-0062)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0062 :\n\nUpdated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If\nBIND was running as a DNSSEC-validating resolver, it could incorrectly\ncache NXDOMAIN responses, as if they were valid, for records proven by\nNSEC or NSEC3 to exist. A remote attacker could use this flaw to cause\na BIND server to return the bogus, cached NXDOMAIN responses for valid\nrecords and prevent users from retrieving those records (denial of\nservice). (CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries.\n(CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-January/001334.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-chroot-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-devel-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libs-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-sdb-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-utils-9.3.6-4.P1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"caching-nameserver-9.3.6-4.P1.el5_4.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:52:33", "description": "Some vulnerabilities were discovered and corrected in bind :\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries\n(CVE-2010-0290).\n\nThere was an error in the DNSSEC NSEC/NSEC3 validation code that could\ncause bogus NXDOMAIN responses (that is, NXDOMAIN responses for\nrecords proven by NSEC or NSEC3 to exist) to be cached as if they had\nvalidated correctly, so that future queries to the resolver would\nreturn the bogus NXDOMAIN with the AD flag set (CVE-2010-0097).\n\nISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before\n9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick\ndata accompanying a secure response without re-fetching from the\noriginal source, which allows remote attackers to have an unspecified\nimpact via a crafted response, aka Bug 20819. NOTE: this vulnerability\nexists because of a regression during the fix for CVE-2009-4022\n(CVE-2010-0382).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\n\nAdditionally BIND has been upgraded to the latest patch release\nversion.", "edition": 25, "published": "2010-01-21T00:00:00", "title": "Mandriva Linux Security Advisory : bind (MDVSA-2010:021)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-01-21T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:bind-utils", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:bind-doc", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:bind", "p-cpe:/a:mandriva:linux:bind-devel"], "id": "MANDRIVA_MDVSA-2010-021.NASL", "href": "https://www.tenable.com/plugins/nessus/44102", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:021. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44102);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_bugtraq_id(37118, 37865);\n script_xref(name:\"MDVSA\", value:\"2010:021\");\n\n script_name(english:\"Mandriva Linux Security Advisory : bind (MDVSA-2010:021)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in bind :\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries\n(CVE-2010-0290).\n\nThere was an error in the DNSSEC NSEC/NSEC3 validation code that could\ncause bogus NXDOMAIN responses (that is, NXDOMAIN responses for\nrecords proven by NSEC or NSEC3 to exist) to be cached as if they had\nvalidated correctly, so that future queries to the resolver would\nreturn the bogus NXDOMAIN with the AD flag set (CVE-2010-0097).\n\nISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before\n9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick\ndata accompanying a secure response without re-fetching from the\noriginal source, which allows remote attackers to have an unspecified\nimpact via a crafted response, aka Bug 20819. NOTE: this vulnerability\nexists because of a regression during the fix for CVE-2009-4022\n(CVE-2010-0382).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\n\nAdditionally BIND has been upgraded to the latest patch release\nversion.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=557121\"\n );\n # https://www.isc.org/advisories/CVE-2009-4022v6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bind-announce&m=126392310412888\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.isc.org/advisories/CVE-2010-0097\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"bind-9.4.3-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"bind-devel-9.4.3-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"bind-utils-9.4.3-0.2mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-9.5.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-devel-9.5.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-doc-9.5.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-utils-9.5.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"bind-9.6.1-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"bind-devel-9.6.1-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"bind-doc-9.6.1-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"bind-utils-9.6.1-0.2mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-9.6.1-4.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-devel-9.6.1-4.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-doc-9.6.1-4.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-utils-9.6.1-4.2mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:07:25", "description": "Updated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If\nBIND was running as a DNSSEC-validating resolver, it could incorrectly\ncache NXDOMAIN responses, as if they were valid, for records proven by\nNSEC or NSEC3 to exist. A remote attacker could use this flaw to cause\na BIND server to return the bogus, cached NXDOMAIN responses for valid\nrecords and prevent users from retrieving those records (denial of\nservice). (CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries.\n(CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.", "edition": 27, "published": "2010-01-21T00:00:00", "title": "RHEL 5 : bind (RHSA-2010:0062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-01-21T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:caching-nameserver", "p-cpe:/a:redhat:enterprise_linux:bind-libbind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "cpe:/o:redhat:enterprise_linux:5.4", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-sdb"], "id": "REDHAT-RHSA-2010-0062.NASL", "href": "https://www.tenable.com/plugins/nessus/44105", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0062. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44105);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_bugtraq_id(37118, 37865);\n script_xref(name:\"RHSA\", value:\"2010:0062\");\n\n script_name(english:\"RHEL 5 : bind (RHSA-2010:0062)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If\nBIND was running as a DNSSEC-validating resolver, it could incorrectly\ncache NXDOMAIN responses, as if they were valid, for records proven by\nNSEC or NSEC3 to exist. A remote attacker could use this flaw to cause\na BIND server to return the bogus, cached NXDOMAIN responses for valid\nrecords and prevent users from retrieving those records (denial of\nservice). (CVE-2010-0097)\n\nThe original fix for CVE-2009-4022 was found to be incomplete. BIND\nwas incorrectly caching certain responses without performing proper\nDNSSEC validation. CNAME and DNAME records could be cached, without\nproper DNSSEC validation, when received from processing recursive\nclient queries that requested DNSSEC records but indicated that\nchecking should be disabled. A remote attacker could use this flaw to\nbypass the DNSSEC validation check and perform a cache poisoning\nattack if the target BIND server was receiving such client queries.\n(CVE-2010-0290)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0062\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0062\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-chroot-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-chroot-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-chroot-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind-devel-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind-libs-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-sdb-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-sdb-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-sdb-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-utils-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-utils-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-utils-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"caching-nameserver-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"caching-nameserver-9.3.6-4.P1.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"caching-nameserver-9.3.6-4.P1.el5_4.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:39", "description": "The remote host is affected by the vulnerability described in GLSA-201006-11\n(BIND: Multiple vulnerabilities)\n\n Multiple cache poisoning vulnerabilities were discovered in BIND. For\n further information please consult the CVE entries and the ISC Security\n Bulletin referenced below.\n Note: CVE-2010-0290 and CVE-2010-0382 exist because of an incomplete\n fix and a regression for CVE-2009-4022.\n \nImpact :\n\n An attacker could exploit this weakness to poison the cache of a\n recursive resolver and thus spoof DNS traffic, which could e.g. lead to\n the redirection of web or mail traffic to malicious sites.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2010-06-02T00:00:00", "title": "GLSA-201006-11 : BIND: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-06-02T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:bind"], "id": "GENTOO_GLSA-201006-11.NASL", "href": "https://www.tenable.com/plugins/nessus/46778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201006-11.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46778);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_xref(name:\"GLSA\", value:\"201006-11\");\n\n script_name(english:\"GLSA-201006-11 : BIND: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201006-11\n(BIND: Multiple vulnerabilities)\n\n Multiple cache poisoning vulnerabilities were discovered in BIND. For\n further information please consult the CVE entries and the ISC Security\n Bulletin referenced below.\n Note: CVE-2010-0290 and CVE-2010-0382 exist because of an incomplete\n fix and a regression for CVE-2009-4022.\n \nImpact :\n\n An attacker could exploit this weakness to poison the cache of a\n recursive resolver and thus spoof DNS traffic, which could e.g. lead to\n the redirection of web or mail traffic to malicious sites.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.isc.org/advisories/CVE2009-4022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201006-11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All BIND users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.4.3_p5'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-dns/bind\", unaffected:make_list(\"ge 9.4.3_p5\"), vulnerable:make_list(\"lt 9.4.3_p5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"BIND\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:45:59", "description": "Several cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2010-0097\n BIND does not properly validate DNSSEC NSEC records,\n which allows remote attackers to add the Authenticated\n Data (AD) flag to a forged NXDOMAIN response for an\n existing domain.\n\n - CVE-2010-0290\n When processing crafted responses containing CNAME or\n DNAME records, BIND is subject to a DNS cache poisoning\n vulnerability, provided that DNSSEC validation is\n enabled and trust anchors have been installed.\n\n - CVE-2010-0382\n When processing certain responses containing\n out-of-bailiwick data, BIND is subject to a DNS cache\n poisoning vulnerability, provided that DNSSEC validation\n is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\n'roll over and die' phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using 'apt-get\ndist-upgrade' (or an equivalent aptitude command).", "edition": 26, "published": "2010-06-08T00:00:00", "title": "Debian DSA-2054-1 : bind9 - DNS cache poisoning", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "modified": "2010-06-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bind9", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2054.NASL", "href": "https://www.tenable.com/plugins/nessus/46829", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2054. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46829);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2010-0382\");\n script_bugtraq_id(37118, 37865);\n script_xref(name:\"DSA\", value:\"2054\");\n\n script_name(english:\"Debian DSA-2054-1 : bind9 - DNS cache poisoning\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2010-0097\n BIND does not properly validate DNSSEC NSEC records,\n which allows remote attackers to add the Authenticated\n Data (AD) flag to a forged NXDOMAIN response for an\n existing domain.\n\n - CVE-2010-0290\n When processing crafted responses containing CNAME or\n DNAME records, BIND is subject to a DNS cache poisoning\n vulnerability, provided that DNSSEC validation is\n enabled and trust anchors have been installed.\n\n - CVE-2010-0382\n When processing certain responses containing\n out-of-bailiwick data, BIND is subject to a DNS cache\n poisoning vulnerability, provided that DNSSEC validation\n is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\n'roll over and die' phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using 'apt-get\ndist-upgrade' (or an equivalent aptitude command).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2054\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bind9 packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"bind9\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"bind9-doc\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"bind9-host\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"bind9utils\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dnsutils\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libbind-dev\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libbind9-50\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libdns55\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libisc52\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libisccc50\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libisccfg50\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"liblwres50\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"lwresd\", reference:\"1:9.6.ESV.R1+dfsg-0+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:09:58", "description": "When bind is configured for DNSSEC it could incorrectly cache NXDOMAIN\nresponses (CVE-2010-0097). Moreover, the fix for CVE-2009-4022 was\nincomplete. Despite the previous fix CNAME and DNAME responses could\nbe incorrectly cached (CVE-2010-0290). All these bugs have been fixed.", "edition": 23, "published": "2010-01-26T00:00:00", "title": "SuSE 11 Security Update : bind (SAT Patch Number 1844)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:bind-libs", "p-cpe:/a:novell:suse_linux:11:bind-doc", "p-cpe:/a:novell:suse_linux:11:bind", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:bind-utils", "p-cpe:/a:novell:suse_linux:11:bind-libs-32bit", "p-cpe:/a:novell:suse_linux:11:bind-chrootenv"], "id": "SUSE_11_BIND-100121.NASL", "href": "https://www.tenable.com/plugins/nessus/44311", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44311);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\");\n\n script_name(english:\"SuSE 11 Security Update : bind (SAT Patch Number 1844)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When bind is configured for DNSSEC it could incorrectly cache NXDOMAIN\nresponses (CVE-2010-0097). Moreover, the fix for CVE-2009-4022 was\nincomplete. Despite the previous fix CNAME and DNAME responses could\nbe incorrectly cached (CVE-2010-0290). All these bugs have been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=570912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4022.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0097.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0290.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1844.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"bind-libs-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"bind-utils-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"bind-libs-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"bind-utils-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"bind-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"bind-chrootenv-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"bind-doc-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"bind-libs-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"bind-utils-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"bind-libs-32bit-9.5.0P2-20.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.5.0P2-20.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-01T07:41:30", "description": "It was discovered that Bind would incorrectly cache bogus NXDOMAIN\nresponses. When DNSSEC validation is in use, a remote attacker could\nexploit this to cause a denial of service, and possibly poison DNS\ncaches. (CVE-2010-0097)\n\nUSN-865-1 provided updated Bind packages to fix a security\nvulnerability. The upstream security patch to fix CVE-2009-4022 was\nincomplete and CVE-2010-0290 was assigned to the issue. This update\ncorrects the problem.\n\nMichael Sinatra discovered that Bind did not correctly validate\ncertain records added to its cache. When DNSSEC validation is in use,\na remote attacker could exploit this to spoof DNS entries and poison\nDNS caches. Among other things, this could lead to misdirected email\nand web traffic.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2010-01-21T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : bind9 vulnerabilities (USN-888-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2021-04-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liblwres40", "p-cpe:/a:canonical:ubuntu_linux:libisccfg30", "p-cpe:/a:canonical:ubuntu_linux:libisccc40", "p-cpe:/a:canonical:ubuntu_linux:libdns21", "p-cpe:/a:canonical:ubuntu_linux:libbind-dev", "p-cpe:/a:canonical:ubuntu_linux:liblwres30", "p-cpe:/a:canonical:ubuntu_linux:bind9utils", "p-cpe:/a:canonical:ubuntu_linux:libbind9-50", "p-cpe:/a:canonical:ubuntu_linux:libbind9-30", "p-cpe:/a:canonical:ubuntu_linux:libdns45", "p-cpe:/a:canonical:ubuntu_linux:libisccfg40", "p-cpe:/a:canonical:ubuntu_linux:bind9-host", "p-cpe:/a:canonical:ubuntu_linux:libdns46", "p-cpe:/a:canonical:ubuntu_linux:libdns36", "p-cpe:/a:canonical:ubuntu_linux:libisc50", "p-cpe:/a:canonical:ubuntu_linux:bind9", "p-cpe:/a:canonical:ubuntu_linux:libisc35", "p-cpe:/a:canonical:ubuntu_linux:libisc44", "p-cpe:/a:canonical:ubuntu_linux:libisc11", "p-cpe:/a:canonical:ubuntu_linux:libisccc30", "p-cpe:/a:canonical:ubuntu_linux:bind9-doc", "p-cpe:/a:canonical:ubuntu_linux:libisccfg50", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libdns53", "p-cpe:/a:canonical:ubuntu_linux:lwresd", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:dnsutils", "p-cpe:/a:canonical:ubuntu_linux:libdns43", "p-cpe:/a:canonical:ubuntu_linux:libdns23", "p-cpe:/a:canonical:ubuntu_linux:libdns50", "p-cpe:/a:canonical:ubuntu_linux:liblwres50", "p-cpe:/a:canonical:ubuntu_linux:libisc45", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:libisccc0", "p-cpe:/a:canonical:ubuntu_linux:libbind9-40", "p-cpe:/a:canonical:ubuntu_linux:libbind9-0", "cpe:/o:canonical:ubuntu_linux:9.04", "p-cpe:/a:canonical:ubuntu_linux:libdns44", "p-cpe:/a:canonical:ubuntu_linux:libisccfg1", "p-cpe:/a:canonical:ubuntu_linux:libisccc50", "p-cpe:/a:canonical:ubuntu_linux:libdns35", "p-cpe:/a:canonical:ubuntu_linux:liblwres9", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-888-1.NASL", "href": "https://www.tenable.com/plugins/nessus/44106", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-888-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44106);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\");\n script_bugtraq_id(37865);\n script_xref(name:\"USN\", value:\"888-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : bind9 vulnerabilities (USN-888-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Bind would incorrectly cache bogus NXDOMAIN\nresponses. When DNSSEC validation is in use, a remote attacker could\nexploit this to cause a denial of service, and possibly poison DNS\ncaches. (CVE-2010-0097)\n\nUSN-865-1 provided updated Bind packages to fix a security\nvulnerability. The upstream security patch to fix CVE-2009-4022 was\nincomplete and CVE-2010-0290 was assigned to the issue. This update\ncorrects the problem.\n\nMichael Sinatra discovered that Bind did not correctly validate\ncertain records added to its cache. When DNSSEC validation is in use,\na remote attacker could exploit this to spoof DNS entries and poison\nDNS caches. Among other things, this could lead to misdirected email\nand web traffic.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/888-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-40\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns43\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns45\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns46\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc45\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc40\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg40\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres40\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9-doc\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9-host\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dnsutils\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libbind-dev\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libbind9-0\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libdns21\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libdns23\", pkgver:\"1:9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisc11\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisccc0\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisccfg1\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"liblwres9\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"lwresd\", pkgver:\"9.3.2-2ubuntu1.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"bind9\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"bind9-doc\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"bind9-host\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dnsutils\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libbind-dev\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libbind9-30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libdns35\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libdns36\", pkgver:\"1:9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libisc35\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libisccc30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libisccfg30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"liblwres30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"lwresd\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"bind9\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"bind9-doc\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"bind9-host\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"bind9utils\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dnsutils\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libbind-dev\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libbind9-40\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libdns43\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libdns44\", pkgver:\"1:9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libisc44\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libisccc40\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libisccfg40\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"liblwres40\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"lwresd\", pkgver:\"9.5.0.dfsg.P2-1ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"bind9\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"bind9-doc\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"bind9-host\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"bind9utils\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dnsutils\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libbind-dev\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libbind9-40\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libdns45\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libdns46\", pkgver:\"1:9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libisc45\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libisccc40\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libisccfg40\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"liblwres40\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"lwresd\", pkgver:\"9.5.1.dfsg.P2-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9-doc\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9-host\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9utils\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dnsutils\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libbind-dev\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libbind9-50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libdns50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libdns53\", pkgver:\"1:9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libisc50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libisccc50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libisccfg50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"liblwres50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"lwresd\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind9 / bind9-doc / bind9-host / bind9utils / dnsutils / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:03:02", "description": "bind when configured for DNSSEC could incorrectly cache NXDOMAIN\nresponses (CVE-2010-0097). Moreover, the fix for CVE-2009-4022 was\nincomplete. Despite the previous fix CNAME and DNAME responses could\nbe incorrectly cached (CVE-2010-0290).\n\nbind was updated to version 9.4.3-P5 in order to fix those issues.", "edition": 23, "published": "2010-01-26T00:00:00", "title": "openSUSE Security Update : bind (bind-1843)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind-chrootenv", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind"], "id": "SUSE_11_0_BIND-100121.NASL", "href": "https://www.tenable.com/plugins/nessus/44305", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-1843.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44305);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\");\n\n script_name(english:\"openSUSE Security Update : bind (bind-1843)\");\n script_summary(english:\"Check for the bind-1843 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"bind when configured for DNSSEC could incorrectly cache NXDOMAIN\nresponses (CVE-2010-0097). Moreover, the fix for CVE-2009-4022 was\nincomplete. Despite the previous fix CNAME and DNAME responses could\nbe incorrectly cached (CVE-2010-0290).\n\nbind was updated to version 9.4.3-P5 in order to fix those issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=570912\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"bind-9.4.3P5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"bind-chrootenv-9.4.3P5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"bind-devel-9.4.3P5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"bind-libs-9.4.3P5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"bind-utils-9.4.3P5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.4.3P5-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chrootenv / bind-devel / bind-libs / bind-libs-32bit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:05:37", "description": "bind when configured for DNSSEC could incorrectly cache NXDOMAIN\nresponses (CVE-2010-0097). Moreover, the fix for CVE-2009-4022 was\nincomplete. Despite the previous fix CNAME and DNAME responses could\nbe incorrectly cached (CVE-2010-0290).", "edition": 23, "published": "2010-01-26T00:00:00", "title": "openSUSE Security Update : bind (bind-1845)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-libs", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind"], "id": "SUSE_11_2_BIND-100121.NASL", "href": "https://www.tenable.com/plugins/nessus/44309", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-1845.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44309);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-0290\");\n\n script_name(english:\"openSUSE Security Update : bind (bind-1845)\");\n script_summary(english:\"Check for the bind-1845 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"bind when configured for DNSSEC could incorrectly cache NXDOMAIN\nresponses (CVE-2010-0097). Moreover, the fix for CVE-2009-4022 was\nincomplete. Despite the previous fix CNAME and DNAME responses could\nbe incorrectly cached (CVE-2010-0290).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=570912\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-9.6.1P3-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-chrootenv-9.6.1P3-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-devel-9.6.1P3-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-libs-9.6.1P3-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-utils-9.6.1P3-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6.1P3-1.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chrootenv / bind-devel / bind-libs / bind-libs-32bit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2021-02-02T05:44:55", "description": "ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.", "edition": 4, "cvss3": {}, "published": "2010-01-22T22:00:00", "title": "CVE-2010-0382", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0382"], "modified": "2017-09-19T01:30:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.10.1", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.10.2", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.10.0", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.10.3", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2010-0382", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0382", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:07", "description": "Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed \"at the same time as requesting DNSSEC records (DO),\" aka Bug 20438.", "edition": 4, "cvss3": {}, "published": "2009-11-25T16:30:00", "title": "CVE-2009-4022", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4022"], "modified": "2017-09-19T01:29:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2009-4022", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4022", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:44:54", "description": "ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.", "edition": 4, "cvss3": {}, "published": "2010-01-22T22:00:00", "title": "CVE-2010-0097", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0097"], "modified": "2017-09-19T01:30:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2010-0097", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0097", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:44:55", "description": "Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.", "edition": 4, "cvss3": {}, "published": "2010-01-22T22:00:00", "title": "CVE-2010-0290", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0290"], "modified": "2017-09-19T01:30:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.10.1", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.10.2", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.10.0", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.10.3", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2010-0290", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0290", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:33", "bulletinFamily": "software", "cvelist": ["CVE-2008-1447", "CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "rPath Security Advisory: 2010-0018-1\r\nPublished: 2010-03-15\r\nProducts:\r\n rPath Appliance Platform Linux Service 1\r\n rPath Appliance Platform Linux Service 2\r\n rPath Linux 1\r\n rPath Linux 2\r\n\r\nRating: Severe\r\nExposure Level Classification:\r\n Remote User Deterministic Vulnerability\r\nUpdated Versions:\r\n bind=conary.rpath.com@rpl:1/9.4.3_P5-1.1-1\r\n bind=conary.rpath.com@rpl:2/9.4.3_P5-0.1-1\r\n bind-utils=conary.rpath.com@rpl:1/9.4.3_P5-1.1-1\r\n bind-utils=conary.rpath.com@rpl:2/9.4.3_P5-0.1-1\r\n caching-nameserver=conary.rpath.com@rpl:1/9.4.3_P5-1.1-1\r\n\r\nrPath Issue Tracking System:\r\n https://issues.rpath.com/browse/RPL-2881\r\n https://issues.rpath.com/browse/RPL-3152\r\n\r\nReferences:\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0382\r\n\r\nDescription:\r\n In previous versions of BIND, there have been several vulnerabilities\r\n reported related to cache poisoning of systems where DNSSEC is enabled.\r\n To address these issues, BIND has been updated to 9.4.3-P5 in both \r\n rPath Linux 1 and 2. \r\n \r\n For rPL 1, this update includes a library version change, so the \r\n older package versions have been promoted to the rpl:1-compat label.\r\n This allows users who may have linked applications to the BIND libraries\r\n to continue to include the old bind:lib component where necessary.\r\n\r\nhttp://wiki.rpath.com/Advisories:rPSA-2010-0018\r\n\r\nCopyright 2010 rPath, Inc.\r\nThis file is distributed under the terms of the MIT License.\r\nA copy is available at http://www.rpath.com/permanent/mit-license.html", "edition": 1, "modified": "2010-03-17T00:00:00", "published": "2010-03-17T00:00:00", "id": "SECURITYVULNS:DOC:23395", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23395", "title": "rPSA-2010-0018-1 bind bind-utils caching-nameserver", "type": "securityvulns", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:34", "bulletinFamily": "software", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2009-4022"], "description": "It&#39;s possible to inject cache record during DNSSEC request processing.", "edition": 1, "modified": "2010-03-17T00:00:00", "published": "2010-03-17T00:00:00", "id": "SECURITYVULNS:VULN:10431", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10431", "title": "bind DNS server cache poisoning", "type": "securityvulns", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:33", "bulletinFamily": "software", "cvelist": ["CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:021\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : bind\r\n Date : January 20, 2010\r\n Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,\r\n Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Some vulnerabilities were discovered and corrected in bind:\r\n \r\n The original fix for CVE-2009-4022 was found to be incomplete. BIND\r\n was incorrectly caching certain responses without performing proper\r\n DNSSEC validation. CNAME and DNAME records could be cached, without\r\n proper DNSSEC validation, when received from processing recursive\r\n client queries that requested DNSSEC records but indicated that\r\n checking should be disabled. A remote attacker could use this flaw\r\n to bypass the DNSSEC validation check and perform a cache poisoning\r\n attack if the target BIND server was receiving such client queries\r\n &#40;CVE-2010-0290&#41;.\r\n \r\n There was an error in the DNSSEC NSEC/NSEC3 validation code that\r\n could cause bogus NXDOMAIN responses &#40;that is, NXDOMAIN responses\r\n for records proven by NSEC or NSEC3 to exist&#41; to be cached as if they\r\n had validated correctly, so that future queries to the resolver would\r\n return the bogus NXDOMAIN with the AD flag set &#40;CVE-2010-0097&#41;.\r\n \r\n Packages for 2008.0 are provided for Corporate Desktop 2008.0\r\n customers.\r\n \r\n Additionally BIND has been upgraded to the latest patch release\r\n version.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290\r\n https://www.isc.org/node/504\r\n https://www.isc.org/advisories/CVE-2009-4022v6\r\n https://www.isc.org/advisories/CVE-2010-0097\r\n https://bugzilla.redhat.com/show_bug.cgi?id=557121\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.0:\r\n 1e34c922d8288315da7f0b56eff4dedb 2008.0/i586/bind-9.4.3-0.2mdv2008.0.i586.rpm\r\n 4f70cf5495d8da10420809b7d0517ff5 2008.0/i586/bind-devel-9.4.3-0.2mdv2008.0.i586.rpm\r\n 16731072aefc3dbace3223b45298fc5f 2008.0/i586/bind-utils-9.4.3-0.2mdv2008.0.i586.rpm \r\n a006840a69139819aa67fcf2ea8a639a 2008.0/SRPMS/bind-9.4.3-0.2mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n 17a1bc4c41a8bc3ce017f4f943c82055 2008.0/x86_64/bind-9.4.3-0.2mdv2008.0.x86_64.rpm\r\n 241c61e333d2ee2a7a5039382c3bb86f 2008.0/x86_64/bind-devel-9.4.3-0.2mdv2008.0.x86_64.rpm\r\n bc515c70242c2e4c474ee5fa7c14225b 2008.0/x86_64/bind-utils-9.4.3-0.2mdv2008.0.x86_64.rpm \r\n a006840a69139819aa67fcf2ea8a639a 2008.0/SRPMS/bind-9.4.3-0.2mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n 8b26305703ab02b06e48ff14536e028c 2009.0/i586/bind-9.5.2-0.2mdv2009.0.i586.rpm\r\n d9575243d10ff6d1b89e9f863f745bf5 2009.0/i586/bind-devel-9.5.2-0.2mdv2009.0.i586.rpm\r\n 843fa0de56e209e035baae810fead5a7 2009.0/i586/bind-doc-9.5.2-0.2mdv2009.0.i586.rpm\r\n d0e73fb1d7c1cccd4a72571e9c7603e9 2009.0/i586/bind-utils-9.5.2-0.2mdv2009.0.i586.rpm \r\n 6568c238267d1d547804d37256704bf9 2009.0/SRPMS/bind-9.5.2-0.2mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n b49ef48bf6db6c7d0de0da4a0de7401d 2009.0/x86_64/bind-9.5.2-0.2mdv2009.0.x86_64.rpm\r\n f4a281ec99558e09233d8e1142f08e0e 2009.0/x86_64/bind-devel-9.5.2-0.2mdv2009.0.x86_64.rpm\r\n d2ce2753ea50d65f6e6222745f972ff9 2009.0/x86_64/bind-doc-9.5.2-0.2mdv2009.0.x86_64.rpm\r\n 4ddf41b2ad82a4de63ad7a5127a69194 2009.0/x86_64/bind-utils-9.5.2-0.2mdv2009.0.x86_64.rpm \r\n 6568c238267d1d547804d37256704bf9 2009.0/SRPMS/bind-9.5.2-0.2mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n d74f7d990791e26e6726856139973e9a 2009.1/i586/bind-9.6.1-0.2mdv2009.1.i586.rpm\r\n d7985532881c21424277cdcb60d18114 2009.1/i586/bind-devel-9.6.1-0.2mdv2009.1.i586.rpm\r\n bc17c2cc6bdcdbbfb4e1395bd439ba88 2009.1/i586/bind-doc-9.6.1-0.2mdv2009.1.i586.rpm\r\n 41f9b55e7c76a86edb2ac0acf27e553e 2009.1/i586/bind-utils-9.6.1-0.2mdv2009.1.i586.rpm \r\n c942e994b97a336f4fd5a0c5cf738549 2009.1/SRPMS/bind-9.6.1-0.2mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n fb5d4184bee0c7043b94a3e84a0157b3 2009.1/x86_64/bind-9.6.1-0.2mdv2009.1.x86_64.rpm\r\n bb6ca433443ab453c73a3f3576537664 2009.1/x86_64/bind-devel-9.6.1-0.2mdv2009.1.x86_64.rpm\r\n 78e18eea9b23f6efbf2e5344fc2cc648 2009.1/x86_64/bind-doc-9.6.1-0.2mdv2009.1.x86_64.rpm\r\n 1adb16932dda446bd5abaaa276ad124d 2009.1/x86_64/bind-utils-9.6.1-0.2mdv2009.1.x86_64.rpm \r\n c942e994b97a336f4fd5a0c5cf738549 2009.1/SRPMS/bind-9.6.1-0.2mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n 2a43dd3cd4114c76c29ac84c33b75fef 2010.0/i586/bind-9.6.1-4.2mdv2010.0.i586.rpm\r\n f7146dd8d890f98582f536493e92a83f 2010.0/i586/bind-devel-9.6.1-4.2mdv2010.0.i586.rpm\r\n 5df56342d4c411b04e87f77117b6804c 2010.0/i586/bind-doc-9.6.1-4.2mdv2010.0.i586.rpm\r\n fb09cf1c22611a49f9e4f75554a337be 2010.0/i586/bind-utils-9.6.1-4.2mdv2010.0.i586.rpm \r\n f6459d6a6e926070e97e7aba94170631 2010.0/SRPMS/bind-9.6.1-4.2mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 53202e9e4bde9cca54bc15f45e5c792e 2010.0/x86_64/bind-9.6.1-4.2mdv2010.0.x86_64.rpm\r\n c086ca1a71254192b535a1c1f3237a88 2010.0/x86_64/bind-devel-9.6.1-4.2mdv2010.0.x86_64.rpm\r\n 154ab6458564150b255a2f812e20692d 2010.0/x86_64/bind-doc-9.6.1-4.2mdv2010.0.x86_64.rpm\r\n fb0e3afd17b048d410fb5d9b804ab122 2010.0/x86_64/bind-utils-9.6.1-4.2mdv2010.0.x86_64.rpm \r\n f6459d6a6e926070e97e7aba94170631 2010.0/SRPMS/bind-9.6.1-4.2mdv2010.0.src.rpm\r\n\r\n Corporate 4.0:\r\n 5d343162e5df4074f8a766e5ba412c16 corporate/4.0/i586/bind-9.4.3-0.2.20060mlcs4.i586.rpm\r\n d1d81bb03511aa5045b377b8d5b9dda5 corporate/4.0/i586/bind-devel-9.4.3-0.2.20060mlcs4.i586.rpm\r\n 1c88a5de62896395a79cecabf756f297 corporate/4.0/i586/bind-utils-9.4.3-0.2.20060mlcs4.i586.rpm \r\n 34b8febb59628c25f594a90989f3d4ea corporate/4.0/SRPMS/bind-9.4.3-0.2.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 4f2a0f0de08ca058aee7c3935290064e corporate/4.0/x86_64/bind-9.4.3-0.2.20060mlcs4.x86_64.rpm\r\n 8a5569c45fe9ee2263f6dbbdca195684 corporate/4.0/x86_64/bind-devel-9.4.3-0.2.20060mlcs4.x86_64.rpm\r\n d7466a30a031271fa6d911f1dafa561c corporate/4.0/x86_64/bind-utils-9.4.3-0.2.20060mlcs4.x86_64.rpm \r\n 34b8febb59628c25f594a90989f3d4ea corporate/4.0/SRPMS/bind-9.4.3-0.2.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 30fe9bb51f78f199d785ff4e6c999708 mes5/i586/bind-9.5.2-0.2mdvmes5.i586.rpm\r\n 290b224bcf4710b5bd8b054d903b7450 mes5/i586/bind-devel-9.5.2-0.2mdvmes5.i586.rpm\r\n 069cb4acbec0393d2d8249f971f4077a mes5/i586/bind-doc-9.5.2-0.2mdvmes5.i586.rpm\r\n b29152a5ac58aa5296be30ceadfc3890 mes5/i586/bind-utils-9.5.2-0.2mdvmes5.i586.rpm \r\n d7d2d8703f26e20ec36bfaf2816dd060 mes5/SRPMS/bind-9.5.2-0.2mdvmes5.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 6cdae79e993981af90e491693a6d49b4 mes5/x86_64/bind-9.5.2-0.2mdvmes5.x86_64.rpm\r\n b042420f74563e0c9451fdf6d0b91d3e mes5/x86_64/bind-devel-9.5.2-0.2mdvmes5.x86_64.rpm\r\n a31659cdba90b49518e05ee0a9787c96 mes5/x86_64/bind-doc-9.5.2-0.2mdvmes5.x86_64.rpm\r\n badabfcf913acd2e9b83da6fe33c97cb mes5/x86_64/bind-utils-9.5.2-0.2mdvmes5.x86_64.rpm \r\n d7d2d8703f26e20ec36bfaf2816dd060 mes5/SRPMS/bind-9.5.2-0.2mdvmes5.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFLVzchmqjQ0CJFipgRAug2AJ9cykjSF4FXGsupy/KcoitoqbDmJQCfZw6y\r\nFw4zovyshx4dVKSm+x9gssQ=\r\n=UlsE\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-01-21T00:00:00", "published": "2010-01-21T00:00:00", "id": "SECURITYVULNS:DOC:23087", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23087", "title": "[ MDVSA-2010:021 ] bind", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:32", "bulletinFamily": "software", "cvelist": ["CVE-2009-4022"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:304\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : bind\r\n Date : November 26, 2009\r\n Affected: 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Some vulnerabilities were discovered and corrected in bind:\r\n \r\n Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5\r\n before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3,\r\n and 9.0.x through 9.3.x with DNSSEC validation enabled and checking\r\n disabled &#40;CD&#41;, allows remote attackers to conduct DNS cache poisoning\r\n attacks via additional sections in a response sent for resolution\r\n of a recursive client query, which is not properly handled when the\r\n response is processed at the same time as requesting DNSSEC records\r\n &#40;DO&#41;. &#40;CVE-2009-4022&#41;.\r\n \r\n Additionally BIND has been upgraded to the latest point release or\r\n closest supported version by ISC.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\r\n https://www.isc.org/node/504\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n 350aede988c5fea9c534c9f6b453a6d9 2009.0/i586/bind-9.5.2-0.1mdv2009.0.i586.rpm\r\n 63dae25d60dce8878a87b0eeaa457285 2009.0/i586/bind-devel-9.5.2-0.1mdv2009.0.i586.rpm\r\n b3e98fd47dbff14ad213a8ca8a6e466d 2009.0/i586/bind-doc-9.5.2-0.1mdv2009.0.i586.rpm\r\n fa56daa8b48c17fbcf9e0d59ded29123 2009.0/i586/bind-utils-9.5.2-0.1mdv2009.0.i586.rpm \r\n 75ef743d58dbfc382e88fef13788f71f 2009.0/SRPMS/bind-9.5.2-0.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 12d89eb11dda9285afdcd1e315c47261 2009.0/x86_64/bind-9.5.2-0.1mdv2009.0.x86_64.rpm\r\n 7314c3bdb02a8d332a5c809ade05ffa8 2009.0/x86_64/bind-devel-9.5.2-0.1mdv2009.0.x86_64.rpm\r\n c87e38d4da7e29bcf756afce7266dc96 2009.0/x86_64/bind-doc-9.5.2-0.1mdv2009.0.x86_64.rpm\r\n 0c7822fea0b4b39fb1330c98c3ac72e6 2009.0/x86_64/bind-utils-9.5.2-0.1mdv2009.0.x86_64.rpm \r\n 75ef743d58dbfc382e88fef13788f71f 2009.0/SRPMS/bind-9.5.2-0.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n 85b9888ba8e24104787ee69eaa471f5d 2009.1/i586/bind-9.6.1-0.1mdv2009.1.i586.rpm\r\n e251bc5c2c1065c0ceefa31b6fa7b8a9 2009.1/i586/bind-devel-9.6.1-0.1mdv2009.1.i586.rpm\r\n 53f7c3477e5d3f3ebc3376ecb63a2eec 2009.1/i586/bind-doc-9.6.1-0.1mdv2009.1.i586.rpm\r\n 144e76e8e28f839dafd1a0c2816345a8 2009.1/i586/bind-utils-9.6.1-0.1mdv2009.1.i586.rpm \r\n d11449cedd0e738e27518e5f65c06628 2009.1/SRPMS/bind-9.6.1-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 5a8c68cf6b92bcb1de285aa151550806 2009.1/x86_64/bind-9.6.1-0.1mdv2009.1.x86_64.rpm\r\n 224a8d280a689e2918c99f50d95a286b 2009.1/x86_64/bind-devel-9.6.1-0.1mdv2009.1.x86_64.rpm\r\n d2339b9352a58a33e3e347d30f3112af 2009.1/x86_64/bind-doc-9.6.1-0.1mdv2009.1.x86_64.rpm\r\n 9af5d666780c971c014e4703a02735f5 2009.1/x86_64/bind-utils-9.6.1-0.1mdv2009.1.x86_64.rpm \r\n d11449cedd0e738e27518e5f65c06628 2009.1/SRPMS/bind-9.6.1-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n 370e9b2a7a28cbed55406fe55726362d 2010.0/i586/bind-9.6.1-4.1mdv2010.0.i586.rpm\r\n a5ac29331aee65433a5892cd836f0c98 2010.0/i586/bind-devel-9.6.1-4.1mdv2010.0.i586.rpm\r\n e7cc049f431f380300371341d5310c61 2010.0/i586/bind-doc-9.6.1-4.1mdv2010.0.i586.rpm\r\n 2e1ca9662985205be96c85ffda316da1 2010.0/i586/bind-utils-9.6.1-4.1mdv2010.0.i586.rpm \r\n 11cb180925f7705960f23d853fa75a82 2010.0/SRPMS/bind-9.6.1-4.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 3cc9cd36796d0e385d0768fca4e1df26 2010.0/x86_64/bind-9.6.1-4.1mdv2010.0.x86_64.rpm\r\n f4544efd9648274c057ff83340d9dbfb 2010.0/x86_64/bind-devel-9.6.1-4.1mdv2010.0.x86_64.rpm\r\n 6110c4726cc972c0226ffa89264c2d3a 2010.0/x86_64/bind-doc-9.6.1-4.1mdv2010.0.x86_64.rpm\r\n fbb65979f1b2c1184a4511eb554d9705 2010.0/x86_64/bind-utils-9.6.1-4.1mdv2010.0.x86_64.rpm \r\n 11cb180925f7705960f23d853fa75a82 2010.0/SRPMS/bind-9.6.1-4.1mdv2010.0.src.rpm\r\n\r\n Corporate 4.0:\r\n efa9da62f2e60853b87767f00ca547ef corporate/4.0/i586/bind-9.4.3-0.1.20060mlcs4.i586.rpm\r\n 7527a21df42df4e7868ba61879f42518 corporate/4.0/i586/bind-devel-9.4.3-0.1.20060mlcs4.i586.rpm\r\n 7646549a4dcc5f65e8ea6f8067e95070 corporate/4.0/i586/bind-utils-9.4.3-0.1.20060mlcs4.i586.rpm \r\n 36463b1e9d167038f904ca7df177898b corporate/4.0/SRPMS/bind-9.4.3-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n e41861745bb151fb5efc1bf9b50f6505 corporate/4.0/x86_64/bind-9.4.3-0.1.20060mlcs4.x86_64.rpm\r\n 9dd765db9f38a16221a275b96281802f corporate/4.0/x86_64/bind-devel-9.4.3-0.1.20060mlcs4.x86_64.rpm\r\n 4ae28b93e75875ec58e3bb5dbc39494d corporate/4.0/x86_64/bind-utils-9.4.3-0.1.20060mlcs4.x86_64.rpm \r\n 36463b1e9d167038f904ca7df177898b corporate/4.0/SRPMS/bind-9.4.3-0.1.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 4c906960098af8693448ac5cb3766379 mes5/i586/bind-9.5.2-0.1mdvmes5.i586.rpm\r\n 9628b329b44d2d5969f7ff277d3d7f0b mes5/i586/bind-devel-9.5.2-0.1mdvmes5.i586.rpm\r\n 5e4096b88a627c1dec4238dfcf401ba2 mes5/i586/bind-doc-9.5.2-0.1mdvmes5.i586.rpm\r\n dcc67d5dc6e2df19b70bfc7eb07e3633 mes5/i586/bind-utils-9.5.2-0.1mdvmes5.i586.rpm \r\n 78aa573ae412f837d942225a77e56398 mes5/SRPMS/bind-9.5.2-0.1mdvmes5.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 4bc1fb9a2260d4dda412102e7eca322b mes5/x86_64/bind-9.5.2-0.1mdvmes5.x86_64.rpm\r\n bf243b38288fd02299fe250547060d9d mes5/x86_64/bind-devel-9.5.2-0.1mdvmes5.x86_64.rpm\r\n c5913b8326477c600d4bd5f3524218ec mes5/x86_64/bind-doc-9.5.2-0.1mdvmes5.x86_64.rpm\r\n e555c924894703f24d91f9e4c7715927 mes5/x86_64/bind-utils-9.5.2-0.1mdvmes5.x86_64.rpm \r\n 78aa573ae412f837d942225a77e56398 mes5/SRPMS/bind-9.5.2-0.1mdvmes5.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFLDqxBmqjQ0CJFipgRAq5SAKCtfakAexWy/C5PkEsNrFfrk7gQHwCgvY9R\r\npmiCd4VANBSFJKkMchIBpjE=\r\n=q1sN\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2009-12-01T00:00:00", "published": "2009-12-01T00:00:00", "id": "SECURITYVULNS:DOC:22848", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22848", "title": "[ MDVSA-2009:304 ] bind", "type": "securityvulns", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2020-11-11T13:12:11", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 2054-2 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJune 15th, 2010 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : DNS cache poisoning\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382\n\nThis update restores the PID file location for bind to the location\nbefore the last security update. For reference, here is the original\nadvisory text that explains the security problems fixed:\n\n Several cache-poisoning vulnerabilities have been discovered in BIND.\n These vulnerabilities are apply only if DNSSEC validation is enabled and\n trust anchors have been installed, which is not the default.\n\n The Common Vulnerabilities and Exposures project identifies the\n following problems:\n\n CVE-2010-0097\n BIND does not properly validate DNSSEC NSEC records, which allows\n remote attackers to add the Authenticated Data (AD) flag to a forged\n NXDOMAIN response for an existing domain.\n\n CVE-2010-0290\n When processing crafted responses containing CNAME or DNAME records,\n BIND is subject to a DNS cache poisoning vulnerability, provided that\n DNSSEC validation is enabled and trust anchors have been installed.\n\n CVE-2010-0382\n When processing certain responses containing out-of-bailiwick data,\n BIND is subject to a DNS cache poisoning vulnerability, provided that\n DNSSEC validation is enabled and trust anchors have been installed.\n\n In addition, this update introduce a more conservative query behavior\n in the presence of repeated DNSSEC validation failures, addressing the\n &quot;roll over and die&quot; phenomenon. The new version also supports the\n cryptographic algorithm used by the upcoming signed ICANN DNS root\n (RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\n algorithm used by some signed top-level domains.\n\n This update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\n Because of the scope of changes, extra care is recommended when\n installing the update. Due to ABI changes, new Debian packages are\n included, and the update has to be installed using &quot;apt-get\n dist-upgrade&quot; (or an equivalent aptitude command).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny2.\n\nThe unstable distribution is not affected by the wrong PID file location.\n\nWe recommend that you upgrade your bind9 packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will flenny the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2.dsc\n Size/MD5 checksum: 1794 b5951765a8e4aa8bcab2348f1ffa657d\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2.diff.gz\n Size/MD5 checksum: 45913 dd84c3e333a9ed52eb716faecf65f180\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg.orig.tar.gz\n Size/MD5 checksum: 5132628 5ac7e5eadd45b234ce17b3b731dacc3a\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.6.ESV.R1+dfsg-0+lenny2_all.deb\n Size/MD5 checksum: 282072 8d6a3f9f97202d085d1302769aa452da\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 292140 8e10a8574edd7034941feee2edc03a31\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 64240 ee27fa0b5251fea1d502d75a3513a3a6\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 115318 52148b7b9069b8954fb8bb04ce5455ad\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 154542 a190316dcddbeb6973951b38ba2f7ee6\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 1737448 ff983f8040060267746caf063ff0a8fa\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_alpha.deb\n Size/MD5 checksum: 32518 a9f44edeff6230a772c08f5d380592b7\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 33328 7ccbb786759eb774ae377d7322eaafa2\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_alpha.deb\n Size/MD5 checksum: 611996 a05cef02b81d683f83bbbf9f5b88c0fa\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 677572 baddf6ba1a7f7ec26acb09089cad5829\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_alpha.deb\n Size/MD5 checksum: 170184 bfa0989d6719e2d4670890c8b31adf9b\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 174826 6e0817102846d641ced13a23b873d027\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_alpha.deb\n Size/MD5 checksum: 29694 a47bea58d704d35b8c496d3f7c304492\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 29870 93056e3f1bdf8d4f8f07d4feae2d8836\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_alpha.deb\n Size/MD5 checksum: 50988 3d9aa0b2424591259d647f64854b0973\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 51410 be78e4816e8e75f402e006f35c4950c3\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_alpha.deb\n Size/MD5 checksum: 49672 33c42ecc9686d047f15d684e9920142f\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 49540 d6b508085c0f366f04fdd18dc6af4cdb\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_alpha.deb\n Size/MD5 checksum: 227264 7befd1d1a54973428a641d4317ded97f\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 291330 114319eb2b8040731f6ee36c00b49262\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 65420 d7507dfb5a878ed29f8a8d086e130f3b\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 107020 f29fb5ad645a0ea295133156fa0eebd0\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 156866 c44b5997324261633d0da9772b264357\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 1413224 319f18cc9eec8f6452231725286297c7\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_amd64.deb\n Size/MD5 checksum: 32054 fd8f6b623d6adea6182692c92a98d5e6\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 32576 4ec82d392586d6c443f3bc3dcb6d323a\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_amd64.deb\n Size/MD5 checksum: 603144 c7a335dad601c85fb03e16db9c22f57b\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 663854 18291319c1767e0a2832b6e3aa26025e\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_amd64.deb\n Size/MD5 checksum: 163406 31be4125afa94d0aab592e17a011356f\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 168560 d80f05feacd89640822de72c6c71f635\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_amd64.deb\n Size/MD5 checksum: 28850 5f9ea9bb9c618e984dc862fb06b84f76\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 29178 181330cc6cedc33ece24b17774cc2802\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_amd64.deb\n Size/MD5 checksum: 50434 1f5bdb07aef191221796ed34324715bd\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 51354 be59f89c13654efcb7f71cba30c9e009\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_amd64.deb\n Size/MD5 checksum: 47664 e0cd623625e5c52920635d8342c6d550\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 48468 d1981734b9cbba2c51891b89f2c449ab\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_amd64.deb\n Size/MD5 checksum: 226172 ba96ccb48cd3b4b01f7020b7a704fb82\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 285474 a6ac5661e085e35c2360ee6ca5ab3f01\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 64878 f3b78d453b7a4fcd1d6161f9148dfaad\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 102288 37dcfec3bc581fb02fbc8abe5f6fb6f4\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 154494 3e2691a5f7cf86566061583d24a6cda5\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 1243584 172e53f095d894ad0d886792398d3690\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_arm.deb\n Size/MD5 checksum: 31134 ba7e98f5125e6d0355815fb4759ea93e\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 31652 bbac0d436eceed78ef9928730b121176\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_arm.deb\n Size/MD5 checksum: 564842 9767031a777f2f3edddf4b022a76c715\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 621722 a05df19fa6ad6f444d9997d6318a078d\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_arm.deb\n Size/MD5 checksum: 153590 7f41cd8edbf781c95e5e56cc5400ce59\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 157046 74aac0c1839c07790281231d327d74f8\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_arm.deb\n Size/MD5 checksum: 26580 be4dba65bdf279dc3d2678a20b4947f9\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 26722 0a31539a8bd51210307c6e1f4b5b33a1\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_arm.deb\n Size/MD5 checksum: 42812 341c8e4bb36717ebc976b766a0147af1\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 43182 814ce4f968b8f96af6b1fa43121fc980\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_arm.deb\n Size/MD5 checksum: 43588 2a0b07a856d852d71dc9b3f9821cf0d4\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 43800 03d4451f8c77d1b80b1df5c798ecf5db\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_arm.deb\n Size/MD5 checksum: 218934 64a49963bf22adce6ff7ab5172852a99\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 298660 038a69f2e65adef52e1f62ea05e81904\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 66098 24df93659ae1ea4a20ce26cb435769ea\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 112840 df7cc62242d0a27a58e77a2edb4d5bbd\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 159054 13515a6cce8e9585aa2787555c86bdfa\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 1539194 a15a12e45da1d6ee91428faf43e6692d\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_hppa.deb\n Size/MD5 checksum: 34228 13e9ee3562cc63f9b777a2d9cf81eaff\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 34798 9cc4b972b691ad1939315c238afb1f93\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_hppa.deb\n Size/MD5 checksum: 619066 474e58eee1ba875d69b884903e23b4ee\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 682922 4b9031fcf84bebf74eef0e0bc958777b\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_hppa.deb\n Size/MD5 checksum: 166060 5bbbf6ca1fcf98a5c80021bb7eded703\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 170632 324fb6e896b6869802251445d26ac1ed\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_hppa.deb\n Size/MD5 checksum: 28786 d97221d1f703409d9d9d5a9900ee71a8\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 28920 62c09cec2cac3ce138ced5483cf72537\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_hppa.deb\n Size/MD5 checksum: 50950 26a4cebb4e70427f676b0ad18cac5415\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 51422 95d2f3bbfe0afb611d8af8f54b5911db\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_hppa.deb\n Size/MD5 checksum: 47164 855f233496d0ebf852d32ecef01a63d9\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 47376 15783a3ea13364b44d22372a547b4153\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_hppa.deb\n Size/MD5 checksum: 233422 acd8c1fd5fdf254f323c65b5eb77083f\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 276348 dc15b4ea68fdb0d1ac28f01614792a12\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 61990 21cdc3ef5b11eb88f046025940c76933\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 103574 27f5a9c250c27943a76ed7784a97ec0c\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 146498 f6cc4251afbf599ca1a7f2c2192ada98\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 1348284 a81456fcf09f58941d7c3d42d74d5ae8\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_i386.deb\n Size/MD5 checksum: 32430 1c51b670b0bf99038f4bd8e8a62b4f69\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 32954 45f607e90aa63533f33989c5b579bb93\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_i386.deb\n Size/MD5 checksum: 548304 8a56d77c2206c81630580c671fd260f4\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 610230 777553ebfb5b31a14e740bcb73e9d127\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_i386.deb\n Size/MD5 checksum: 149982 81af1af7e4e4c053d4e4f4b204d3f4e6\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 154026 40ad4676ccd919e25ffa3570d42b46fe\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_i386.deb\n Size/MD5 checksum: 27104 32ce309ada667e5896813c6460aa7c5f\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 27250 66cc63074ccff7bf283972b2d9ec8803\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_i386.deb\n Size/MD5 checksum: 44464 6d68da4e9043aaed615fc9f26b8779ad\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 44934 2227c3509ccc790d17f08b0a44771527\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_i386.deb\n Size/MD5 checksum: 45414 eaa67a0ecbd80180b8349ea6bd20ab73\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 45644 64ec9a5cb0c7c06dfb1ebc50a694d539\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_i386.deb\n Size/MD5 checksum: 212792 1118206b40298ab87c8919867ce95a76\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 376390 45397b42eae8f9567e82c0b7cc0d19ce\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 83282 895a6d72b22d97660be7d4a15b230ab0\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 138718 8b0085a28096bf2a1ff7e79875c673af\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 202964 21850bc1823ba2c3bcc9568298771461\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 1994238 bf1b7717d257bc8bc822b5273599e8e3\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_ia64.deb\n Size/MD5 checksum: 37244 64cd9f00116fc6fbebba1bafef3149ec\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 37924 392f424b5a188e584da93fad7aef3caf\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_ia64.deb\n Size/MD5 checksum: 856714 fc536be09eaff2ae66f5f4950c130996\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 949516 5397f551b2d8204b6bd5287579d0834a\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_ia64.deb\n Size/MD5 checksum: 231182 30a9dfc2180eb2836b4b979c63d2fa6a\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 238394 99ed5cbfc07f8adc292d5c64197f2c26\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_ia64.deb\n Size/MD5 checksum: 33728 15ca631824f037b8ca6cc17a248d03f5\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 33868 d6efabc89c7373ae9b400a8159e6bc29\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_ia64.deb\n Size/MD5 checksum: 57494 c2e52b466c9eaaba20d2e85a6e8686a5\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 58156 f6b9983461b30e216093ef8f6953b023\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_ia64.deb\n Size/MD5 checksum: 60092 f06da0b2c5c8a582596aba63c9600061\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 60384 fddc7003dffa16b45a2832c073a30e60\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_ia64.deb\n Size/MD5 checksum: 302882 10a06509107413eaef6a9312c7fda2c7\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 276712 0446f83861e4cf2717182c05c2f476db\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 61350 8fc40dde2a1faa00edf49ec1eb134d77\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 100844 a3baff835b98b084c1b27a95cdbb8af4\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 144898 3e26c20d928bb8d4ebbe4b5995a279de\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 1502640 06cabca1223a5c559c47f59926cf5417\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_mips.deb\n Size/MD5 checksum: 30452 abee6abf03b7c612b60f3a6db7ca88dc\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 31046 705b725ebe71f8b4b1c8b0e7d3dee43f\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_mips.deb\n Size/MD5 checksum: 527600 79fc779a4a842ddbd9f0a4c5cfcf9918\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 582698 5a08b4034fee4ebe70b7a05579a1bf5c\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_mips.deb\n Size/MD5 checksum: 146860 6741e2ba75faa40c37eb4afdf000019a\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 151070 b57056e068b048ca4947f992c9fffec7\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_mips.deb\n Size/MD5 checksum: 27010 1c99219d24563a1c5a2a78935ff95fa6\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 27366 9aecd1e2927c85b4ea1fae9c0d785fbc\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_mips.deb\n Size/MD5 checksum: 44296 c00371144be5b8a442ba043a62c15462\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 44640 58f8790494f447cb7dfe7bc43b5a3f0e\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_mips.deb\n Size/MD5 checksum: 42324 0bcdf4724cf713bdbd5e7976250523f2\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 42372 078078aff0c52a1644ef3a49766d6e18\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_mips.deb\n Size/MD5 checksum: 210544 4eada72ace0d5c4ff07586703454c725\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 272256 99b2ccee7bc99d791da8fd190fc05ec1\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 60976 ac84463840b8edb3d7fd639fde8d66e4\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 101076 21858664a812a5f1aefe79ba4eb0009c\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 144418 761e3c7007206e830169a14b96044d69\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 1487468 03dd712982426479ae1688550c999056\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_mipsel.deb\n Size/MD5 checksum: 30368 82ef46628d82668db4fc61c78bf262c8\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 30850 f8c431196ad00230fedd54c5a0233fbc\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_mipsel.deb\n Size/MD5 checksum: 526652 e4ee49addaa7ce7c2b7d66256b20aade\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 581832 a0ee5e559ea962e725aad9c071c15fd9\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_mipsel.deb\n Size/MD5 checksum: 148124 f40bb5583e8a60fd76b379e60a2535f9\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 152308 895768c113b2a412109fd0dba471d023\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_mipsel.deb\n Size/MD5 checksum: 27084 486871c73fba716a64c8cb7f97d5c993\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 27214 2c7230f941d440a7e91a3818bf30aae0\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_mipsel.deb\n Size/MD5 checksum: 43258 051a43b19623f0a314a387c00bc1f1e0\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 43680 666a04797a69fcdbab9ae4fb9e64f834\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_mipsel.deb\n Size/MD5 checksum: 42386 e3d8e01c67ed602d1f19cedb02837297\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 42628 3ac381d3a3b112895a129aa24f70e249\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_mipsel.deb\n Size/MD5 checksum: 209514 c9b35b18cdc5f86ca6efc63c527a3888\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 296558 ef1c24a3263ba24308455b7c3223dace\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 66258 8318e02f8715b7d637cc79c7b3f2bd6e\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 123996 53b85b0ef69972fe22b5256cc8fd90e1\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 160086 8e61d36c24b647c17bac2e853154f5a7\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 1312786 4b32c272c97e543c0611970046c26c38\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_powerpc.deb\n Size/MD5 checksum: 34644 1d9b04d547b7be55134c0a36c64420c4\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 35198 9826dd2410009c7cc03c203a421ff72d\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_powerpc.deb\n Size/MD5 checksum: 584312 6a140c9efcee0a546f7c017c1d263c94\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 644728 c784c9468aef9e58dcfcbb06a89eeda3\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_powerpc.deb\n Size/MD5 checksum: 162458 7bf76b9638dff55ce42a4e4067f1b522\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 166936 c13a44cdd7b58a044dbe71d67ae5cd42\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_powerpc.deb\n Size/MD5 checksum: 30368 c685b34d6632be737d8f101fd5f6a00e\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 30532 67ec1293bfbc21b4c43bf34be27128f7\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_powerpc.deb\n Size/MD5 checksum: 48958 f7ce1762e6f7fe98f3635d34f43a8e08\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 49384 55f581cebb544856db7e5767dee4ebbe\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_powerpc.deb\n Size/MD5 checksum: 48730 cc8a66c6665c1afe9f8d90944c9abfdf\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 48996 60124f1ca7a4174f28945ead5af3f50b\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_powerpc.deb\n Size/MD5 checksum: 228802 e5ee3aef898089573dd632f9253befc9\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 301546 5585327fe47a2c181c8aaa11a32400b2\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 70288 3649c40a8407d063f0a01abe25650bf9\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 111184 aedb9aa57a9239cda9e9954f901f43ff\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 166266 b1ab7f47df17a0c9dfa52ffc9ffc6857\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 1411462 e561de582332c72568f85d230042b434\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_s390.deb\n Size/MD5 checksum: 32630 c95e359fd310c5022de3d28478b6fbc5\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 33180 c258f79f656a7e755aa9d4de17a159d4\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_s390.deb\n Size/MD5 checksum: 593698 c0f08cd138d54a0eb1df0c8cca809e15\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 655294 84b3bfdba2ffc47b27e050c8e050f304\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_s390.deb\n Size/MD5 checksum: 167354 a0c0af213e701f2bd78a4efe94ba2f61\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 172004 5e446ef701994387e48503ad8a958dbe\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_s390.deb\n Size/MD5 checksum: 29008 ce5f7095df2996d80ad4fa4c3f24d7c0\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 29144 95718fb9ac546acd6f6b4767dc2569a9\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_s390.deb\n Size/MD5 checksum: 50672 4deee4e7338a6c56225e4cb336832631\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 51098 387abace104eaae6943e2fdd91f2ca54\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_s390.deb\n Size/MD5 checksum: 46714 db8dfacc6281b90f4c45848548f3bba0\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 46956 b362976b376fac24972c87f984982629\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_s390.deb\n Size/MD5 checksum: 236198 f531d964cddc2afb8ee329498d9c8cf0\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 285050 4d8d5775730677f15f5eb97cb58e72fe\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 64860 5de9caf6799824fc1780242059be0c10\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 108196 8fb932c7b2d2976366be31c6c5fb9a14\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 154124 ffdbce3bdda728b96ccd19e288cdf224\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 1425992 6793211a57a4c5e87ab22043381edd9e\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-40_9.5.1.dfsg.P3-1+lenny1_sparc.deb\n Size/MD5 checksum: 31264 8c4960f8da91b74a0d86cd8aa64c7ce8\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 31916 e09ea76778ea084b03cfdcf36b2c09fa\n http://security.debian.org/pool/updates/main/b/bind9/libdns45_9.5.1.dfsg.P3-1+lenny1_sparc.deb\n Size/MD5 checksum: 541504 b90cf693e4aba5685efe3cbdaa5d0fbc\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 600302 035a6cbd6345230c8fdb4d716396a04e\n http://security.debian.org/pool/updates/main/b/bind9/libisc45_9.5.1.dfsg.P3-1+lenny1_sparc.deb\n Size/MD5 checksum: 149096 d432c97d8d4b0e484f0f34a6350760a5\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 153174 d94ab608c36b96c495ed7dec44f729f1\n http://security.debian.org/pool/updates/main/b/bind9/libisccc40_9.5.1.dfsg.P3-1+lenny1_sparc.deb\n Size/MD5 checksum: 26468 f06b5201aaa16d452755ddde70a865a0\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 26586 49aeadcc0c30d08002b3c694fd9dbfcc\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg40_9.5.1.dfsg.P3-1+lenny1_sparc.deb\n Size/MD5 checksum: 44344 7c11541a9d7fc3a30c7e627eaac9748b\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 44748 f026fbfd06f6e0c7b34e05cbda2050e6\n http://security.debian.org/pool/updates/main/b/bind9/liblwres40_9.5.1.dfsg.P3-1+lenny1_sparc.deb\n Size/MD5 checksum: 42832 c24e363f7b138ff941724afc5bc7eb29\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 43070 0e1ae19348dd782223ada934ff3e8fc9\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny2_sparc.deb\n Size/MD5 checksum: 220310 385939cf30f6065de843cec8402b5aa4\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n", "edition": 3, "modified": "2010-06-15T20:07:22", "published": "2010-06-15T20:07:22", "id": "DEBIAN:DSA-2054-2:DAD3F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00104.html", "title": "[SECURITY] [DSA 2054-2] New bind9 packages fix cache poisoning", "type": "debian", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:13:06", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0382", "CVE-2010-0290", "CVE-2010-0097"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2054-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJune 04, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : DNS cache poisoning\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382\n\nSeveral cache-poisoning vulnerabilities have been discovered in BIND.\nThese vulnerabilities are apply only if DNSSEC validation is enabled and\ntrust anchors have been installed, which is not the default.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2010-0097\n BIND does not properly validate DNSSEC NSEC records, which allows\n remote attackers to add the Authenticated Data (AD) flag to a forged\n NXDOMAIN response for an existing domain.\n\nCVE-2010-0290\n When processing crafted responses containing CNAME or DNAME records,\n BIND is subject to a DNS cache poisoning vulnerability, provided that\n DNSSEC validation is enabled and trust anchors have been installed.\n\nCVE-2010-0382\n When processing certain responses containing out-of-bailiwick data,\n BIND is subject to a DNS cache poisoning vulnerability, provided that\n DNSSEC validation is enabled and trust anchors have been installed.\n\nIn addition, this update introduce a more conservative query behavior\nin the presence of repeated DNSSEC validation failures, addressing the\n&quot;roll over and die&quot; phenomenon. The new version also supports the\ncryptographic algorithm used by the upcoming signed ICANN DNS root\n(RSASHA256 from RFC 5702), and the NSEC3 secure denial of existence\nalgorithm used by some signed top-level domains.\n\nThis update is based on a new upstream version of BIND 9, 9.6-ESV-R1.\nBecause of the scope of changes, extra care is recommended when\ninstalling the update. Due to ABI changes, new Debian packages are\nincluded, and the update has to be installed using &quot;apt-get\ndist-upgrade&quot; (or an equivalent aptitude command).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R1+dfsg-0+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:9.7.0.dfsg-1.\n\nWe recommend that you upgrade your bind9 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get dist-upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1.diff.gz\n Size/MD5 checksum: 45323 fb028cde990581e5d817ed23decc702a\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg.orig.tar.gz\n Size/MD5 checksum: 5132628 5ac7e5eadd45b234ce17b3b731dacc3a\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1.dsc\n Size/MD5 checksum: 1794 b0b1eaf99cfa2d7d6357306185dac33b\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.6.ESV.R1+dfsg-0+lenny1_all.deb\n Size/MD5 checksum: 281996 fdd2ac63c79f616b5707b1145f345c59\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 174730 bc14fcc13620587444ffe8496fbaf787\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 1737100 30180481a0f688e520343c12ad4fd428\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 227130 f245dba4a6bca2afef7361b80c8bc426\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 33264 791895dac1d1962c57e3b588a71e419f\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 64160 c504f75ef20ac6ae8d71b4387c9f7cb2\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 49464 2b5542561248a31f16389e50ae4eada5\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 29796 aebf5e3c1c976cb2239fd3a8f5605a36\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 51326 3abd68b93de814beeaedbce34cf7be66\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 115242 0ba57bc9774fe5078ef018d99b8606d0\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 677156 5599bce1f50878b9d62612bb8eed86dc\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 291992 3f3e70afb32fccd7ed7e3d1d07725e18\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 154454 d7911121939f6ca0c410274667f6161d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 1412848 1deb73e8b661729a535a6504266b6293\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 65356 831bb09b389f3a21108d7b8d3b095624\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 156776 df5ecfee580a4fd04a0ecacdbd6fd3cd\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 168482 cbaa2c27a3f66d73d1a3780492e1cdb4\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 29096 ff31f8d87363b5934f45867ee4b8e870\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 51268 d6b1b496e9d176292af8f2cd99c2411f\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 106960 c29c3ccaf38b558dbb0f34c7b672229b\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 32492 0dbf2254cb43299bd929b7694b6092ff\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 663692 b4c45378f085fa59358fa219f94bb6cd\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 291232 dcdc530887445d9f103a3bb81b87eedc\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 226102 c1fa59ae6ca874b49408fa12ee39d2ee\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 48388 070ccae2f7b9a08d2830e3a7265c9f78\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 154420 9a22b5c30be10ef6fec28521992a7881\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 31586 4723403e9df003c5f5abf31d8365cb1e\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 218808 7a1fc6e4526db569f91f7307232ee472\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 26648 26631bb4f8f548bd396390aabae11403\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 102224 dfdbe1d06588c06c0ae888cb828e07cf\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 43102 eaeda742235147e2062be3126a3bd3b0\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 621474 d37831b56c0d5c6d75f1ec544fb36a41\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 285440 35ef1823fb69c7a888ffd8743c3e675f\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 64818 65994c76014697bc3255d431a38e51b4\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 1243418 ea539bec87909d3674b3687a17b1326e\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 43748 eb0a113030065124d946b8344a6efd46\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 156960 98ac41b953d67d9230b8ef3227fa95a3\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 283290 ace07e5c64f7ac9b6cc414c6fcde67fe\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 615828 445d90c685a26cc2208a489289387650\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 26570 b748c5888af048389f91c50b182a1178\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 43138 c4fe6d525303dfe7758bb20ecdc3c046\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 216764 07bf2b48ced9325a68253bb3597ff010\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 64350 83a0c9d4203d4d1478f0f671aabe5c18\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 31420 fa1fcdfc6910f474ce16779afe4fcf72\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 42802 42fca0414da3631265bb60c605b7640f\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 103318 f0e4f72b65d9e3ebcd3369d7adb125e2\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 1246472 f587f8abb5960699b25d97477ebeb2e0\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 153488 4e63820ffdca66941ed5245498cc6a70\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 156764 c65571f37c8d42d489bbcb4173606d19\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 233334 bc5e48c4cd6c4652a674a925ee7a4f54\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 1538698 02b5d1d10c4e0b3c9c0d1120c434a84a\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 66028 02ffa4202fbbeacde301ea926168e1bb\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 51362 308a499c3d055bfe8dab00cff219a246\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 28852 d53bccd61a81a5a7ca65b0fdbbd7db29\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 47302 f2082bc12218d1047be63f565772378e\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 170568 f037eb5296d824766eef3f34e203df28\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 34726 d3976e08fd9d1aa99cdc7c9ce9b637b1\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 112770 a5f58e7c8ff95fde0354a0582882c7df\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 158974 3cc9edbb530f180135960523fbe73735\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 682708 ed7b13bd041ef497e1e406425285d8fb\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 298544 aefdf57a2d827ba3c39e93c173f040fc\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 103492 07dd0fd2273fcec2b561b951632b97a9\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 61936 bb663cf051dac13da6c4c16080c0f716\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 45562 5289fd8160bf94008d91345f04b58787\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 146430 839167839c84a7460a30d43725d69508\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 153954 1779306ede4c1f72de723a0e5408e907\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 1347900 f76bd667603fa19a4ddb71792b6f3885\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 27176 26ef346503727306b08137a94cec1991\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 44844 09864e4e43ce0dea8f133dcf8109765a\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 276256 934be07f3f5ca33e16e37765cc66669c\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 610040 8e3d7c34ea2dd8095f44cfe07c911e77\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 32880 975661bd25d0081e84c557b60537b40f\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 212692 9d5099c265c283e893a1213d70eb7a7d\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 238316 cff2ab5db6d9c57a46cf2988bf795ea9\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 83206 dc98300841bcd8cdddbead9c8d3ba665\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 37852 ab74280522398cffb21af7c4d144602a\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 376294 a11a7c5bd406953744765e44304da737\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 202884 78ffeb788c35343e6478a381d2316315\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 138618 ec37fada0f8e8f839c3c27894e3dd2c7\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 60320 fd0c0ee7a1ad9cb92407a4fb5a4213e0\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 949182 e2c781cbffdfff4040be0faa9d3166c9\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 33802 a4ad1b966f28211f082ac22ccd79615d\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 58068 568766297c6082f31cc1d763f3b906c8\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 1993778 849fc3b3f04f855c62a7260662c53dc8\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 302784 d8525fe0d84db6033301feccccad55c7\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 582344 b4327093fae07ad84dca6a9f4bdd54e3\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 60782 886dceb5a74f2a8430f658f5677e4e91\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 1503414 1a2be7a3e4378b4e9c12ffdd28d71865\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 276716 87d2a5dc4b16bd030aed478da3e42039\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 150982 d4d1969e2e228e370a5ebde96ee6626f\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 44558 016f8da083565ef37e76e35fb9d7c557\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 27272 d588b4110974d7f02693ae0c5adc2be7\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 42282 70df93f1288af36931359d8c7c655ef5\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 30954 e5a11d8e4f6303509136f6412d5ecb08\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 210464 be67032f2e0b04b26dea22b75769ab5b\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 103222 818865269a445f95dc6a6d8df34a78a2\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 144402 9523d2017deb18184c2602eca68c27bf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 581560 2d8ab7d22b40f7cf09140e1a0b8644b6\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 27140 845fbb3c020f7e8b1285107a4b447e63\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 43604 9e3d29295601dd2a4c9f83539d4bda1a\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 30784 51d2d0924c1e986d4128a8fee6cefb7e\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 208768 16d5d76dc7c78c4f7e4d8fcc0bdd0dfa\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 102090 e9196b67977a9e39c4d88be9e9334bcc\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 1491270 847d434259618cd385e7b5d97381611b\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 271816 c7d093a1453d739035ddac533609687c\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 42568 2221f867dfeb86eb289e0748ec510947\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 61146 17526807a1e8d28392f7edeae999c3ef\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 152230 a441ac44eb32961b7501af89318b4a7b\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 144266 ef451cbcab042db42649daf72c6b1c8f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 49312 a3c7d4f1ecea0c0ece5d7678cf105da1\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 30442 c4c0350c35c28cd4a3538bb185e12363\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 644542 6f348c5f9541bf9983ffaaed0bdc9498\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 296466 c807acbec7d6dafb413716f090267f96\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 123928 0be14b5d60fb131ac420ee90da82e146\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 159996 76b08b31fd918acd3bdeb153b4933b55\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 166846 2c6ac57b8c42bc9ff05e4669efd5f4ff\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 228700 f9f1b0172d92b1e5ebce4081a8a0cc00\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 66188 fbdfcb9c141c52c7ae1f19ceb2087a1f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 1312290 8110f357edf55054d5158c179689a299\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 48910 3c032813b3603d1eec9d611723531c29\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 35112 7bd30127b030333f3430796b068e3115\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 114298 f09a4fa0e390c36d220fe122b607a0cb\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 1413440 3af5eef97c53556b8dadf805c1a6c67d\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 47330 dcf10dce27a8f83b909b16a000385724\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 305644 683ff091fefae26fd6c47c433dea711e\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 166526 fa5f956a995a5d25e6efe2f009b99ff4\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 654228 80f9e7ef83cc2e36a94ea03b7edff1dc\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 51438 cb21550de7e0a89014f2f8eb87b17591\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 29248 b8971d6eb576fabb919964af1faa52df\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 236048 21f7e6d5701e059fb28d30412fb04533\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 172156 972b47cd302d1371ff2e8df0b1bd0d9e\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 33116 f890eb089f5cd7ab791ec80e4ae9e2d7\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 70238 574fcb9133a4d7f210fcddff87f0aeee\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/b/bind9/libdns55_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 599954 b76021d73914bf1b86ac972a8cbd6e6f\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 31848 75d94008212749cba0ce9841f1a31273\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 64724 763570b01cfe5cecc41d8b54d42bc48b\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 42988 81f283a697763eb2c98c2fe3fc8cf00a\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 107550 8712b44982126899cdff7ad1a1dcb447\n http://security.debian.org/pool/updates/main/b/bind9/libisc52_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 153088 d28c0db315eced2d37ff4ab0231d093f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 1424986 365c86916ac3cd4ffe3727085fbd2ea3\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 44674 b81aeb68bdc943717074b94435041c46\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 26528 c21c43ad3c77c888a63dd567883df5f0\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 220176 a7572f0293b67d49da792b7b1d5e9a2a\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 154392 520abba2ff3f46dd855b9f0279c26477\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R1+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 284728 d9007b6d5d11dd77f29bc053a2fb6106\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2010-06-04T19:22:55", "published": "2010-06-04T19:22:55", "id": "DEBIAN:DSA-2054-1:C437D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00097.html", "title": "[SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning", "type": "debian", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T01:45:59", "bulletinFamily": "unix", "cvelist": ["CVE-2010-0290", "CVE-2010-0097", "CVE-2009-4022"], "description": "It was discovered that Bind would incorrectly cache bogus NXDOMAIN \nresponses. When DNSSEC validation is in use, a remote attacker could \nexploit this to cause a denial of service, and possibly poison DNS caches. \n(CVE-2010-0097)\n\nUSN-865-1 provided updated Bind packages to fix a security vulnerability. \nThe upstream security patch to fix CVE-2009-4022 was incomplete and \nCVE-2010-0290 was assigned to the issue. This update corrects the problem. \nOriginal advisory details:\n\nMichael Sinatra discovered that Bind did not correctly validate certain \nrecords added to its cache. When DNSSEC validation is in use, a remote \nattacker could exploit this to spoof DNS entries and poison DNS caches. \nAmong other things, this could lead to misdirected email and web traffic.", "edition": 5, "modified": "2010-01-20T00:00:00", "published": "2010-01-20T00:00:00", "id": "USN-888-1", "href": "https://ubuntu.com/security/notices/USN-888-1", "title": "Bind vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-08T23:43:25", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022"], "description": "Michael Sinatra discovered that Bind did not correctly validate certain \nrecords added to its cache. When DNSSEC validation is in use, a remote \nattacker could exploit this to spoof DNS entries and poison DNS caches. \nAmong other things, this could lead to misdirected email and web traffic.", "edition": 5, "modified": "2009-12-07T00:00:00", "published": "2009-12-07T00:00:00", "id": "USN-865-1", "href": "https://ubuntu.com/security/notices/USN-865-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "slackware": [{"lastseen": "2020-10-25T16:36:18", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022", "CVE-2010-0097"], "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when\nDNSSEC is enabled (which is not the default setting).\n\n\nHere are the details from the Slackware 13.1 ChangeLog:\n\npatches/packages/bind-9.4.3_P5-i486-1_slack13.1.txz: Upgraded.\n This fixes possible DNS cache poisoning attacks when DNSSEC is enabled\n and checking is disabled (CD).\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4.3_P5-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4.3_P5-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4.3_P5-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4.3_P5-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4.3_P5-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4.3_P5-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4.3_P5-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4.3_P5-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4.3_P5-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4.3_P5-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4.3_P5-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4.3_P5-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4.3_P5-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4.3_P5-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.1-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\nc78e8a6cde34015681063a3d1c40c6c1 bind-9.4.3_P5-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\n9fcb18dfc779ecc7f6d69171e398c620 bind-9.4.3_P5-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\n3eb9a4b1973b6a3a2f779a3038269a31 bind-9.4.3_P5-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n7e11d017c1962f8ef92cfb1e9f39139b bind-9.4.3_P5-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n4dddfb400d6d928e41c7aa4bf7339547 bind-9.4.3_P5-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\nfe87668c84020ebf28b46910df71bb07 bind-9.4.3_P5-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n639efc6a35ccee727f0177089d241857 bind-9.4.3_P5-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n195c3bd1898d5118fe5cedfe6131e83b bind-9.4.3_P5-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n95fc95a77a99df46d35a578e069a965b bind-9.4.3_P5-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\naa8bdaedd7b7f6f36ff22be779182ff9 bind-9.4.3_P5-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n8d7ed3c0ae07a33aea7f506b25bec015 bind-9.4.3_P5-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nbb1f6aa2682743173135776e1ff0fadd bind-9.4.3_P5-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nc619cc02e89ba23a62dfb7726105e40e bind-9.4.3_P5-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ncb61186275370d1eddc62024725f5d05 bind-9.4.3_P5-x86_64-1_slack13.1.txz\n\nSlackware -current package:\n011ae9faeb16bf6e37ed9c8cbf8bb718 n/bind-9.7.1-i486-1.txz\n\nSlackware x86_64 -current package:\ne2d2e29b620581c725e68e75af7ba759 n/bind-9.7.1-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.4.3_P5-i486-1_slack13.1.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "modified": "2010-06-25T18:32:41", "published": "2010-06-25T18:32:41", "id": "SSA-2010-176-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.610821", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-30T07:37:05", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022"], "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue.\n\nMore details about this issue may be found here:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\n http://www.kb.cert.org/vuls/id/418861\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\nWed Dec 2 20:51:55 UTC 2009\npatches/packages/bind-9.4.3_P4-i486-1_slack13.0.txz: Upgraded.\n BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a\n potential cache poisoning vulnerability, in which data in the additional\n section of a response could be cached without proper DNSSEC validation.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\n http://www.kb.cert.org/vuls/id/418861\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4.3_P4-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4.3_P4-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4.3_P4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4.3_P4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4.3_P4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4.3_P4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4.3_P4-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4.3_P4-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4.3_P4-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4.3_P4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4.3_P4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4.3_P4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.4.3_P4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.4.3_P4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\n9de9e38f113552581813e563f558af46 bind-9.4.3_P4-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\nb7102229c23fdbe67861102d5a9cc07e bind-9.4.3_P4-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\na23619b1d9a4277823c133e02c2e17dd bind-9.4.3_P4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n41c019668b1cd93d4990c1c0a37871f3 bind-9.4.3_P4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n571af94b9ca6fa6270002a4ac2efd1a5 bind-9.4.3_P4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n9c0ebc0c1f17e3eb0bf3a34f748f6bea bind-9.4.3_P4-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n4ab62ea68d43b85446590208530e6083 bind-9.4.3_P4-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n05f4975b7915f38064772a5f8e32efac bind-9.4.3_P4-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n7ae7259553108750e56bac592230d714 bind-9.4.3_P4-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n94a40d14be8c76829d302d4e8b399ded bind-9.4.3_P4-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n0ec5ee211c88e64d2db7406d37a76cde bind-9.4.3_P4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n0889c8db7e6988809d52465cd60727fd bind-9.4.3_P4-x86_64-1_slack13.0.txz\n\nSlackware -current package:\ncda70d71d2fbc98338b5e7852b63abee bind-9.4.3_P4-i486-1.txz\n\nSlackware x86_64 -current package:\nf3b06522e828788b40d3811910ba272f bind-9.4.3_P4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.4.3_P4-i486-1_slack13.0.txz\n\nThen, restart BIND.", "modified": "2009-12-02T17:30:47", "published": "2009-12-02T17:30:47", "id": "SSA-2009-336-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.583233", "type": "slackware", "title": "bind", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4022", "CVE-2010-0097"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2010-01-21T00:14:47", "published": "2010-01-21T00:14:47", "id": "FEDORA:2E65010FD7E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: bind-9.6.1-15.P3.fc12", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0696", "CVE-2009-4022", "CVE-2010-0097"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2010-01-21T00:13:26", "published": "2010-01-21T00:13:26", "id": "FEDORA:DC61E10FE49", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: bind-9.6.1-9.P3.fc11", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2020-09-18T20:42:17", "bulletinFamily": "info", "cvelist": ["CVE-2010-0097"], "description": "### Overview \n\nA vulnerability exists in the BIND 9 DNSSEC validation code that could be used by an attacker to generate fake NXDOMAIN responses.\n\n### Description \n\nBIND 9 contains a vulnerability in DNSSEC validation code. According to [ISC](<https://www.isc.org/advisories/CVE-2010-0097>): \n \n_There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly, so that future queries to the resolver would return the bogus NXDOMAIN with the AD flag set. _\n\nThis issue affects BIND versions 9.0.x, 9.1.x, 9.2.x, 9.3.x, 9.4.0 -&gt; 9.4.3-P4, 9.5.0 -&gt; 9.5.2-P1, 9.6.0 -&gt; 9.6.1-P2 \n \n--- \n \n### Impact \n\nAn attacker may be able to add fake NXDOMAIN records to a resolver's cache. \n \n--- \n \n### Solution \n\nUpgrade BIND to version 9.4.3-P5, 9.5.2-P2 or 9.6.1-P3. \n \n--- \n \n### Vendor Information\n\n360341\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Fedora Project __ Affected\n\nNotified: January 15, 2010 Updated: January 27, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nFedora has published more information regarding this issue:\n\n<http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034196.html>\n\n### Internet Systems Consortium __ Affected\n\nNotified: January 15, 2010 Updated: January 19, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nPlease see <https://www.isc.org/advisories/CVE-2010-0097> for more information regarding the vulnerability.\n\n### Red Hat, Inc. __ Affected\n\nNotified: January 15, 2010 Updated: January 27, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nRed Hat has published more information regarding this issue:\n\n<http://rhn.redhat.com/errata/RHSA-2010-0062.html>\n\n### Sun Microsystems, Inc. __ Affected\n\nNotified: January 15, 2010 Updated: January 27, 2010 \n\n**Statement Date: January 21, 2010**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nPlease see the following document for more information:\n\n<http://sunsolve.sun.com/search/document.do?assetkey=1-66-275890-1>\n\n### The SCO Group Affected\n\nNotified: January 15, 2010 Updated: January 27, 2010 \n\n**Statement Date: January 18, 2010**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ubuntu __ Affected\n\nNotified: January 15, 2010 Updated: January 27, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nUbuntu has published more information regarding this issue:\n\n<http://www.ubuntu.com/usn/USN-888-1>\n\n### Alcatel-Lucent Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Apple Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### BlueCat Networks, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Check Point Software Technologies Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Debian GNU/Linux Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### DragonFly BSD Project Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### EMC Corporation Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ericsson Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### F5 Networks, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### FreeBSD Project Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fujitsu Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### GNU glibc Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gnu ADNS Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hitachi Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Infoblox Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Juniper Networks, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva S. A. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### McAfee Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Men &amp; Mice Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Microsoft Corporation Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Nokia Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Nominum Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Nortel Networks, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### QNX Software Systems Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SafeNet Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Shadowsupport Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Unisys Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Wind River Systems, Inc. Unknown\n\nNotified: January 15, 2010 Updated: January 14, 2010 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 53 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n<https://www.isc.org/advisories/CVE-2010-0097>\n\n### Acknowledgements\n\nThis issue was reported by ISC.\n\nThis document was written by David Warren.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2010-0097](<http://web.nvd.nist.gov/vuln/detail/CVE-2010-0097>) \n---|--- \n**Date Public:** | 2010-01-19 \n**Date First Published:** | 2010-01-19 \n**Date Last Updated: ** | 2010-01-27 19:37 UTC \n**Document Revision: ** | 13 \n", "modified": "2010-01-27T19:37:00", "published": "2010-01-19T00:00:00", "id": "VU:360341", "href": "https://www.kb.cert.org/vuls/id/360341", "type": "cert", "title": "BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}