Debian updates dnsmasq to counter DNS cache poisonin
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
Tenable Nessus | Mandriva Linux Security Advisory : bind (MDVSA-2008:139) | 23 Apr 200900:00 | – | nessus |
Tenable Nessus | GLSA-200901-03 : pdnsd: Denial of Service and cache poisoning | 12 Jan 200900:00 | – | nessus |
Tenable Nessus | Debian DSA-1603-1 : bind9 - DNS cache poisoning | 10 Jul 200800:00 | – | nessus |
Tenable Nessus | Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : bind9 vulnerability (USN-622-1) | 10 Jul 200800:00 | – | nessus |
Tenable Nessus | Debian DSA-1619-1 : python-dns - DNS response spoofing | 28 Jul 200800:00 | – | nessus |
Tenable Nessus | Solaris 8 (x86) : 109327-24 | 12 Jul 200400:00 | – | nessus |
Tenable Nessus | Debian DSA-1604-1 : bind - DNS cache poisoning | 10 Jul 200800:00 | – | nessus |
Tenable Nessus | Fedora 9 : dnsmasq-2.45-1.fc9 (2009-1069) | 17 Feb 200900:00 | – | nessus |
Tenable Nessus | RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2008:0533) | 10 Jul 200800:00 | – | nessus |
Tenable Nessus | Scientific Linux Security Update : bind on SL 3.0.x , SL 4.x, SL 5.x | 1 Aug 201200:00 | – | nessus |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-1623. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(33772);
script_version("1.28");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2008-1447", "CVE-2008-4194");
script_xref(name:"DSA", value:"1623");
script_xref(name:"IAVA", value:"2008-A-0045");
script_name(english:"Debian DSA-1623-1 : dnsmasq - DNS cache poisoning");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Dan Kaminsky discovered that properties inherent to the DNS protocol
lead to practical DNS cache poisoning attacks. Among other things,
successful attacks can lead to misdirected web traffic and email
rerouting.
This update changes Debian's dnsmasq packages to implement the
recommended countermeasure: UDP query source port randomization. This
change increases the size of the space from which an attacker has to
guess values in a backwards-compatible fashion and makes successful
attacks significantly more difficult.
This update also switches the random number generator to Dan
Bernstein's SURF."
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2008/dsa-1623"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the dnsmasq package.
For the stable distribution (etch), this problem has been fixed in
version 2.35-1+etch4. Packages for alpha will be provided later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:dnsmasq");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
script_set_attribute(attribute:"patch_publication_date", value:"2008/07/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/08/01");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"4.0", prefix:"dnsmasq", reference:"2.35-1+etch4")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo