Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2014-1984.NASL
HistoryDec 15, 2014 - 12:00 a.m.

CentOS 5 / 6 / 7 : bind (CESA-2014:1984)

2014-12-1500:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
JSON

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7.

Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500)

All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2014:1984 and 
# CentOS Errata and Security Advisory 2014:1984 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(79880);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2014-8500");
  script_xref(name:"RHSA", value:"2014:1984");

  script_name(english:"CentOS 5 / 6 / 7 : bind (CESA-2014:1984)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated bind packages that fix one security issue are now available
for Red Hat Enterprise Linux 5, 6, and 7.

Red Hat Product Security has rated this update as having Important
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server
(named); a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server is
operating correctly.

A denial of service flaw was found in the way BIND followed DNS
delegations. A remote attacker could use a specially crafted zone
containing a large number of referrals which, when looked up and
processed, would cause named to use excessive amounts of memory or
crash. (CVE-2014-8500)

All bind users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the BIND daemon (named) will be restarted automatically."
  );
  # https://lists.centos.org/pipermail/centos-announce/2014-December/020827.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6d8fce69"
  );
  # https://lists.centos.org/pipermail/centos-announce/2014-December/020828.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?96465679"
  );
  # https://lists.centos.org/pipermail/centos-announce/2014-December/020829.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6d304811"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-8500");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-libbind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-libs-lite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-license");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-lite-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-sdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-sdb-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:caching-nameserver");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/12/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(5|6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x / 7.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-5", reference:"bind-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"bind-chroot-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"bind-devel-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"bind-libbind-devel-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"bind-libs-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"bind-sdb-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"bind-utils-9.3.6-25.P1.el5_11.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"caching-nameserver-9.3.6-25.P1.el5_11.2")) flag++;

if (rpm_check(release:"CentOS-6", reference:"bind-9.8.2-0.30.rc1.el6_6.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-chroot-9.8.2-0.30.rc1.el6_6.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-devel-9.8.2-0.30.rc1.el6_6.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-libs-9.8.2-0.30.rc1.el6_6.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-sdb-9.8.2-0.30.rc1.el6_6.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-utils-9.8.2-0.30.rc1.el6_6.1")) flag++;

if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-chroot-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-devel-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-libs-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-libs-lite-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-license-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-lite-devel-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-sdb-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-sdb-chroot-9.9.4-14.el7_0.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-utils-9.9.4-14.el7_0.1")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc");
}
VendorProductVersionCPE
centoscentosbindp-cpe:/a:centos:centos:bind
centoscentosbind-chrootp-cpe:/a:centos:centos:bind-chroot
centoscentosbind-develp-cpe:/a:centos:centos:bind-devel
centoscentosbind-libbind-develp-cpe:/a:centos:centos:bind-libbind-devel
centoscentosbind-libsp-cpe:/a:centos:centos:bind-libs
centoscentosbind-libs-litep-cpe:/a:centos:centos:bind-libs-lite
centoscentosbind-licensep-cpe:/a:centos:centos:bind-license
centoscentosbind-lite-develp-cpe:/a:centos:centos:bind-lite-devel
centoscentosbind-sdbp-cpe:/a:centos:centos:bind-sdb
centoscentosbind-sdb-chrootp-cpe:/a:centos:centos:bind-sdb-chroot
Rows per page:
1-10 of 151

Related

checkpoint_advisories 1
nessus 42
suse 5
f5 2
securityvulns 2
oraclelinux 12
prion 1
openvas 34
debian 3
centos 2
cve 1
aix 1
mageia 1
osv 2
archlinux 1
redhat 3
fedora 7
veracode 1
amazon 1
debiancve 1
freebsd_advisory 1
ubuntucve 1
slackware 2
ubuntu 1
freebsd 1
gentoo 1
cert 1
checkpoint_advisories
checkpoint_advisories
ISC BIND Recursive Resolver Resource Consumption Denial of Service (CVE-2014-8500)
2014-12-21 00:00:00
nessus
nessus
Oracle Linux 5 / 6 / 7 : bind (ELSA-2014-1984)
2014-12-15 00:00:00
SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:0096-1)
2015-05-20 00:00:00
AIX 6.1 TL 9 : bind9 (IV68994)
2015-02-25 00:00:00
suse
suse
Security update for bind (important)
2015-01-05 21:04:58
Security update for bind (important)
2015-01-21 11:04:45
Security update for bind (important)
2015-03-12 23:04:54
f5
f5
K15927 : BIND vulnerability CVE-2014-8500
2015-09-16 00:00:00
SOL15927 - BIND vulnerability CVE-2014-8500
2014-12-19 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-14:29.bind
2014-12-10 00:00:00
ISC bind named DoS
2014-12-10 00:00:00
oraclelinux
oraclelinux
bind97 security update
2014-12-12 00:00:00
bind security update
2014-12-12 00:00:00
bind97 security update
2015-07-29 00:00:00
prion
prion
Design/Logic Flaw
2014-12-11 02:59:00
openvas
openvas
Ubuntu: Security Advisory (USN-2437-1)
2022-08-26 00:00:00
Debian: Security Advisory (DSA-3094-1)
2014-12-07 00:00:00
Mageia: Security Advisory (MGASA-2014-0524)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DSA 3094-1] bind9 security update
2014-12-08 21:43:21
[SECURITY] [DSA 3094-1] bind9 security update
2014-12-08 21:42:44
[SECURITY] [DLA 112-1] bind9 security update
2014-12-15 18:44:16
centos
centos
bind, caching security update
2014-12-12 11:07:42
bind97 security update
2014-12-12 11:03:15
cve
cve
CVE-2014-8500
2014-12-11 02:59:00
aix
aix
Vulnerability in AIX bind,Vulnerability in VIOS bind
2015-02-24 11:33:18
mageia
mageia
Updated bind packages fix CVE-2014-8500
2014-12-10 23:09:57
osv
osv
bind9 - security update
2014-12-15 00:00:00
bind9 - security update
2014-12-08 00:00:00
archlinux
archlinux
bind: denial of service
2014-12-08 00:00:00
redhat
redhat
(RHSA-2014:1985) Important: bind97 security update
2014-12-12 00:00:00
(RHSA-2014:1984) Important: bind security update
2014-12-12 00:00:00
(RHSA-2016:0078) Important: bind security update
2016-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: bind-9.9.6-5.P1.fc21
2015-01-06 06:04:49
[SECURITY] Fedora 21 Update: bind-9.9.6-8.P1.fc21
2015-03-05 12:38:47
[SECURITY] Fedora 20 Update: bind-9.9.4-17.P2.fc20
2014-12-18 06:10:51
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:03:25
amazon
amazon
Important: bind
2015-01-08 11:36:00
debiancve
debiancve
CVE-2014-8500
2014-12-11 02:59:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:29.bind
2014-12-10 00:00:00
ubuntucve
ubuntucve
CVE-2014-8500
2014-12-09 00:00:00
slackware
slackware
[slackware-security] bind
2014-12-11 04:11:21
[slackware-security] bind
2015-04-22 02:16:38
ubuntu
ubuntu
Bind vulnerability
2014-12-09 00:00:00
freebsd
freebsd
bind -- denial of service vulnerability
2014-12-08 00:00:00
gentoo
gentoo
BIND: Multiple Vulnerabilities
2015-02-07 00:00:00
cert
cert
Recursive DNS resolver implementations may follow referrals infinitely
2014-12-09 00:00:00
JSON
Related for CENTOS_RHSA-2014-1984.NASL
checkpoint_advisories1nessus42suse5f52securityvulns2oraclelinux12prion1openvas34debian3centos2cve1aix1mageia1osv2archlinux1redhat3fedora7veracode1amazon1debiancve1freebsd_advisory1ubuntucve1slackware2ubuntu1freebsd1gentoo1cert1