Lucene search
This script is Copyright (C) 2013-2023 Tenable Network Security, Inc.AIX_IZ56312.NASLHistoryJan 24, 2013 - 12:00 a.m.
AIX 5.3 TL 8 : bind (IZ56312)
2013-01-2400:00:00
This script is Copyright (C) 2013-2023 Tenable Network Security, Inc.
www.tenable.com
22
AIX βnamedβ is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9.
There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit.
The following command is vulnerable :
/usr/sbin/named9.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text in the description was extracted from AIX Security
# Advisory bind_advisory.asc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(63791);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/21");
script_cve_id("CVE-2009-0696");
script_name(english:"AIX 5.3 TL 8 : bind (IZ56312)");
script_summary(english:"Check for APAR IZ56312");
script_set_attribute(
attribute:"synopsis",
value:"The remote AIX host is missing a security patch."
);
script_set_attribute(
attribute:"description",
value:
"AIX 'named' is an implementation of BIND (Berkeley Internet Name
Domain) providing server functionality for the Domain Name System
(DNS) Protocol. AIX currently ships and supports three versions of
BIND: 4, 8, and 9.
There is an error in the handling of dynamic update messages in BIND
9. A crafted update packet from a remote user can cause a master
server to assert and exit. The successful exploitation of this
vulnerability allows a remote, unauthenticated user to make a master
DNS server assert and exit.
The following command is vulnerable :
/usr/sbin/named9."
);
script_set_attribute(
attribute:"see_also",
value:"https://www.isc.org/node/474"
);
script_set_attribute(
attribute:"see_also",
value:"https://aix.software.ibm.com/aix/efixes/security/bind_advisory.asc"
);
script_set_attribute(
attribute:"solution",
value:"Install the appropriate interim fix."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_cwe_id(16);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3");
script_set_attribute(attribute:"vuln_publication_date", value:"2009/08/05");
script_set_attribute(attribute:"patch_publication_date", value:"2009/08/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2023 Tenable Network Security, Inc.");
script_family(english:"AIX Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/AIX/lslpp", "Host/local_checks_enabled", "Host/AIX/version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("aix.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX");
if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);
if ( get_kb_item("Host/AIX/emgr_failure" ) ) exit(0, "This iFix check is disabled because : "+get_kb_item("Host/AIX/emgr_failure") );
flag = 0;
if (aix_check_ifix(release:"5.3", ml:"08", patch:"IZ56312_08", package:"bos.net.tcp.server", minfilesetver:"5.3.8.0", maxfilesetver:"5.3.8.5") < 0) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Related
oraclelinux
oraclelinux
bind security and bug fix update
2009-07-29 00:00:00
bind security and bug fix update
2009-07-29 00:00:00
bind security update
2009-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: bind-9.6.1-4.P1.fc11
2009-07-30 03:55:31
[SECURITY] Fedora 10 Update: bind-9.5.1-3.P3.fc10
2009-07-30 03:55:44
[SECURITY] Fedora 11 Update: bind-9.6.1-7.P2.fc11
2009-11-27 21:40:17
openvas
openvas
SLES9: Security update for bind
2009-10-10 00:00:00
Oracle Linux Local Check: ELSA-2009-1179
2015-10-08 00:00:00
Ubuntu USN-808-1 (bind9)
2009-08-17 00:00:00
nessus
nessus
Oracle Linux 3 : bind (ELSA-2009-1181)
2013-07-12 00:00:00
SuSE9 Security Update : bind (YOU Patch Number 12462)
2009-09-24 00:00:00
SuSE 11 Security Update : bind (SAT Patch Number 1147)
2009-09-24 00:00:00
prion
prion
Design/Logic Flaw
2009-07-29 17:30:00
cert
cert
ISC BIND 9 vulnerable to denial of service via dynamic update request
2009-07-28 00:00:00
centos
centos
bind security update
2009-07-30 19:55:19
bind, caching security update
2009-07-29 19:12:50
bind security update
2009-07-29 20:55:11
osv
osv
bind9 - denial of service
2009-07-29 00:00:00
securityvulns
securityvulns
BIND Dynamic Update DoS
2009-07-29 00:00:00
[security bulletin] HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
2010-07-18 00:00:00
ISC bind named DNS server DoS
2009-07-30 00:00:00
debian
debian
[SECURITY] [DSA 1847-1] New bind9 packages fix denial of service
2009-07-29 07:21:21
f5
f5
SOL10366 - BIND vulnerability - CVE-2009-0696
2009-07-28 00:00:00
K10366 : BIND vulnerability - CVE-2009-0696
2013-06-28 00:00:00
redhat
redhat
(RHSA-2009:1179) Important: bind security update
2009-07-29 00:00:00
(RHSA-2009:1180) Important: bind security and bug fix update
2009-07-29 00:00:00
(RHSA-2009:1181) Important: bind security and bug fix update
2009-07-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:33:36
freebsd
freebsd
BIND -- Dynamic update message remote DoS
2009-07-28 00:00:00
seebug
seebug
ISC BIND 9θΏη¨ε¨ζζ΄ζ°ζΆζ―ζη»ζε‘ζΌζ΄
2009-07-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package bind version 9.3.6-alt5
2009-07-28 00:00:00
Security fix for the ALT Linux 6 package bind version 9.3.6-alt5
2009-07-28 00:00:00
Security fix for the ALT Linux 8 package bind version 9.3.6-alt5
2009-07-28 00:00:00
gentoo
gentoo
BIND: Denial of service
2009-08-01 00:00:00
ubuntu
ubuntu
Bind vulnerability
2009-07-29 00:00:00
checkpoint_security
checkpoint_security
Check Point response to ISC BIND 9 DoS vulnerability (CVE-2009-0696)
2009-08-08 21:00:00
checkpoint_advisories
checkpoint_advisories
BIND 9 DNS Server Dynamic Update Denial of Service (CVE-2009-0696)
2009-08-02 00:00:00
debiancve
debiancve
CVE-2009-0696
2009-07-29 17:30:00
ubuntucve
ubuntucve
CVE-2009-0696
2009-07-29 00:00:00
suse
suse
remote denial of service in bind
2009-07-30 16:51:35
slackware
slackware
bind
2009-07-29 22:52:55
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:12.bind
2009-07-29 00:00:00
cve
cve
CVE-2009-0696
2009-07-29 17:30:00
Related for AIX_IZ56312.NASL