ID FREEBSD_PKG_A8EC4DB7A39811E585E914DAE9D210B8.NASL Type nessus Reporter This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2015-12-16T00:00:00
Description
ISC reports :
Named is potentially vulnerable to the OpenSSL vulnerability described
in CVE-2015-3193.
Incorrect reference counting could result in an INSIST failure if a
socket error occurred while performing a lookup. This flaw is
disclosed in CVE-2015-8461. [RT#40945]
Insufficient testing when parsing a message allowed records with an
incorrect class to be be accepted, triggering a REQUIRE failure when
those records were subsequently cached. This flaw is disclosed in
CVE-2015-8000. [RT #40987]
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2018 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
# copyright notice, this list of conditions and the following
# disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
# published online in any format, converted to PDF, PostScript,
# RTF and other formats) must reproduce the above copyright
# notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
#
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(87387);
script_version("2.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2015-3193", "CVE-2015-8000", "CVE-2015-8461");
script_xref(name:"FreeBSD", value:"SA-15:27.bind");
script_name(english:"FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)");
script_summary(english:"Checks for updated packages in pkg_info output");
script_set_attribute(
attribute:"synopsis",
value:
"The remote FreeBSD host is missing one or more security-related
updates."
);
script_set_attribute(
attribute:"description",
value:
"ISC reports :
Named is potentially vulnerable to the OpenSSL vulnerability described
in CVE-2015-3193.
Incorrect reference counting could result in an INSIST failure if a
socket error occurred while performing a lookup. This flaw is
disclosed in CVE-2015-8461. [RT#40945]
Insufficient testing when parsing a message allowed records with an
incorrect class to be be accepted, triggering a REQUIRE failure when
those records were subsequently cached. This flaw is disclosed in
CVE-2015-8000. [RT #40987]"
);
# https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?06404c1c"
);
# https://kb.isc.org/article/AA-01317/0/CVE-2015-8000%3A-Responses-with-a-malformed-class-attribute-can-trigger-an-assertion-failure-in-db.c.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?b6276ea6"
);
# https://kb.isc.org/article/AA-01319/0/CVE-2015-8461%3A-A-race-condition-when-handling-socket-errors-can-lead-to-an-assertion-failure-in-resolver.c.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?076d928a"
);
# https://vuxml.freebsd.org/freebsd/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?fa3a95ac"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind9-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind910");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind99");
script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/11/24");
script_set_attribute(attribute:"patch_publication_date", value:"2015/12/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/16");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"FreeBSD Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
exit(0);
}
include("audit.inc");
include("freebsd_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (pkg_test(save_report:TRUE, pkg:"bind99<9.9.8P2")) flag++;
if (pkg_test(save_report:TRUE, pkg:"bind910<9.10.3P2")) flag++;
if (pkg_test(save_report:TRUE, pkg:"bind9-devel<9.11.0.a20151215")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "FREEBSD_PKG_A8EC4DB7A39811E585E914DAE9D210B8.NASL", "bulletinFamily": "scanner", "title": "FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)", "description": "ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described\nin CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a\nsocket error occurred while performing a lookup. This flaw is\ndisclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an\nincorrect class to be be accepted, triggering a REQUIRE failure when\nthose records were subsequently cached. This flaw is disclosed in\nCVE-2015-8000. [RT #40987]", "published": "2015-12-16T00:00:00", "modified": "2015-12-16T00:00:00", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/87387", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?b6276ea6", "http://www.nessus.org/u?fa3a95ac", "http://www.nessus.org/u?06404c1c", "http://www.nessus.org/u?076d928a"], "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "type": "nessus", "lastseen": "2021-01-07T10:48:58", "edition": 22, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-8000", "CVE-2015-3193", "CVE-2015-8461"]}, {"type": "f5", "idList": ["SOL34250741", "F5:K30673534", "SOL30714460", "F5:K30714460", "SOL30673534", "F5:K34250741", "SOL90542710"]}, {"type": "slackware", "idList": ["SSA-2015-349-01"]}, {"type": "freebsd", "idList": ["A8EC4DB7-A398-11E5-85E9-14DAE9D210B8"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2015-349-01.NASL", "FEDORA_2015-40882DDFB1.NASL", "DEBIAN_DLA-370.NASL", "ALA_ALAS-2015-631.NASL", "FEDORA_2015-09BF9E06EA.NASL", "CENTOS_RHSA-2015-2658.NASL", "REDHAT-RHSA-2015-2655.NASL", "FEDORA_2015-2DF40DE264.NASL", "BIND9_998_P2_2015_8461.NASL", "SUSE_SU-2015-2340-1.NASL"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000001"]}, {"type": "hackerone", "idList": ["H1:128169"]}, {"type": "openvas", "idList": ["OPENVAS:703420", "OPENVAS:1361412562310806918", "OPENVAS:1361412562310120621", "OPENVAS:1361412562310806919", "OPENVAS:1361412562310806916", "OPENVAS:1361412562310122810", "OPENVAS:1361412562310871527", "OPENVAS:1361412562310851184", "OPENVAS:1361412562310122808", "OPENVAS:1361412562310806998"]}, {"type": "fedora", "idList": ["FEDORA:934DA601D70A", "FEDORA:BB1F86069A50", "FEDORA:A73E5606E7FB", "FEDORA:DECCD6078F56", "FEDORA:8B49C6087C56", "FEDORA:AFC27606D3FB", "FEDORA:6EFAD60799E0", "FEDORA:80F91601CFBE", "FEDORA:828D26087C52", "FEDORA:AAB4360779B9"]}, {"type": "amazon", "idList": ["ALAS-2015-631"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3420-1:0BF5D", "DEBIAN:DLA-370-1:2205A"]}, {"type": "aix", "idList": ["BIND_ADVISORY10.ASC"]}, {"type": "redhat", "idList": ["RHSA-2015:2656", "RHSA-2015:2655", "RHSA-2015:2658"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-2655"]}, {"type": "centos", "idList": ["CESA-2015:2655", "CESA-2015:2658"]}, {"type": "suse", "idList": ["SUSE-SU-2015:2340-1", "SUSE-SU-2015:2359-1", "OPENSUSE-SU-2015:2391-1", "OPENSUSE-SU-2015:2364-1", "SUSE-SU-2015:2341-1", "OPENSUSE-SU-2015:2365-1"]}, {"type": "ubuntu", "idList": ["USN-2837-1"]}], "modified": "2021-01-07T10:48:58", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2021-01-07T10:48:58", "rev": 2}, "vulnersScore": 6.4}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87387);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3193\", \"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"FreeBSD\", value:\"SA-15:27.bind\");\n\n script_name(english:\"FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described\nin CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a\nsocket error occurred while performing a lookup. This flaw is\ndisclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an\nincorrect class to be be accepted, triggering a REQUIRE failure when\nthose records were subsequently cached. This flaw is disclosed in\nCVE-2015-8000. [RT #40987]\"\n );\n # https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06404c1c\"\n );\n # https://kb.isc.org/article/AA-01317/0/CVE-2015-8000%3A-Responses-with-a-malformed-class-attribute-can-trigger-an-assertion-failure-in-db.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6276ea6\"\n );\n # https://kb.isc.org/article/AA-01319/0/CVE-2015-8461%3A-A-race-condition-when-handling-socket-errors-can-lead-to-an-assertion-failure-in-resolver.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?076d928a\"\n );\n # https://vuxml.freebsd.org/freebsd/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa3a95ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind910\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind99<9.9.8P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind910<9.10.3P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind9-devel<9.11.0.a20151215\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "pluginID": "87387", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:bind9-devel", "p-cpe:/a:freebsd:freebsd:bind99", "p-cpe:/a:freebsd:freebsd:bind910"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T12:49:57", "description": "Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.", "edition": 3, "cvss3": {}, "published": "2015-12-16T15:59:00", "title": "CVE-2015-8461", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8461"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:isc:bind:9.9.2", "cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.9.8", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.9.3", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.7", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.10.1", "cpe:/a:isc:bind:9.8.6", "cpe:/a:isc:bind:9.9.5", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.10.2", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.9.4", "cpe:/a:isc:bind:9.9.7", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.8.2", "cpe:/a:isc:bind:9.9.6", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.8.5", "cpe:/a:isc:bind:9.10.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.10.3", "cpe:/a:isc:bind:9.8.4", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:8.4.7", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2015-8461", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8461", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:8.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:49:56", "description": "db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.", "edition": 4, "cvss3": {}, "published": "2015-12-16T15:59:00", "title": "CVE-2015-8000", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8000"], "modified": "2019-12-27T16:08:00", "cpe": ["cpe:/a:isc:bind:9.9.2", "cpe:/a:isc:bind:9.3.1", "cpe:/o:oracle:linux:6", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.9.8", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.9.3", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.7", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.10.1", "cpe:/a:isc:bind:9.8.6", "cpe:/a:isc:bind:9.9.5", "cpe:/o:oracle:vm_server:3.2", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.10.2", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.9.4", "cpe:/a:isc:bind:9.9.7", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.8.2", "cpe:/a:isc:bind:9.9.6", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.8.5", "cpe:/a:isc:bind:9.10.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/o:oracle:linux:7", "cpe:/a:isc:bind:9.5.0", "cpe:/o:oracle:solaris:10", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/o:oracle:linux:5.0", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.10.3", "cpe:/a:isc:bind:9.8.4", "cpe:/o:oracle:solaris:11.3", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:8.4.7", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2015-8000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8000", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:8.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:49:50", "description": "The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.", "edition": 3, "cvss3": {}, "published": "2015-12-06T20:59:00", "title": "CVE-2015-3193", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3193"], "modified": "2017-11-30T02:29:00", "cpe": ["cpe:/a:openssl:openssl:1.0.2", "cpe:/a:openssl:openssl:1.0.2a", "cpe:/a:openssl:openssl:1.0.2c", "cpe:/a:openssl:openssl:1.0.2b", "cpe:/a:openssl:openssl:1.0.2d"], "id": "CVE-2015-3193", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3193", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:30", "bulletinFamily": "software", "cvelist": ["CVE-2015-8461"], "edition": 1, "description": "\nF5 Product Development has assigned ID 561371 (BIG-IP) to this vulnerabilility, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<showcase?case=K167 >)\n", "modified": "2016-12-01T19:55:00", "published": "2015-12-16T21:11:00", "href": "https://support.f5.com/csp/article/K30673534", "id": "F5:K30673534", "type": "f5", "title": "BIND vulnerability CVE-2015-8461", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-12-01T17:28:15", "bulletinFamily": "software", "cvelist": ["CVE-2015-8461"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-12-01T00:00:00", "published": "2015-12-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/30/sol30673534.html", "id": "SOL30673534", "title": "SOL30673534 - BIND vulnerability CVE-2015-8461", "type": "f5", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-04-06T22:40:12", "bulletinFamily": "software", "cvelist": ["CVE-2015-8000"], "description": "\nF5 Product Development has assigned ID 560180 (BIG-IP), ID 562693 (BIG-IQ), and ID 562695 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H562598 on the** Diagnostics **>** Identified** > **High** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP AAM | 12.0.0 \n11.6.0 \n11.4.0 - 11.5.3 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 | High | BIND \nBIG-IP AFM | 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 | High | BIND \nBIG-IP Analytics | 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP APM | 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP ASM | 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP DNS | 12.0.0 | 12.1.0 \n12.0.0 HF3 | High | BIND \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | High | BIND \nBIG-IP GTM | 11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4 | 11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP Link Controller | 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP PEM | 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3 | 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 | High | BIND \nBIG-IP PSM | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | High | BIND \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | High | BIND \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.0.0 - 3.1.1 | None | Low | BIND \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Low | BIND \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Low | BIND \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Low | BIND \nBIG-IQ ADC | 4.5.0 | None | Low | BIND \nBIG-IQ Centralized Management | 4.6.0 | None | Low | BIND \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Low | BIND \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 | Not vulnerable | None\n\nIf you are running a version listed in the** Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you must disable the use of recursion in the BIND configuration. You can perform the following procedures to determine if recursion has been manually enabled, and disable it if it has been enabled.\n\nDetermining if recursion has been manually enabled on the system\n\n**Impact of action:** Performing the following procedure should not have a negative impact on your system.\n\n 1. Log in to the BIG-IP command line.\n 2. Type the following command: \n\ngrep recursion /var/named/config/named.conf\n\n 3. If the command returns the following response, recursion has been enabled, and you should perform the following, **Mitigating the vulnerability** procedure. \n\nrecursion yes;\n\nIf the command returns the following response, recursion has not been enabled, and the system is not vulnerable. \n\nrecursion no;\n\nMitigating the vulnerability\n\nTo mitigate this vulnerability, you can turn recursion off in the **named.conf** file. To do so, perform the following procedure:\n\n**Impact of action:** This modification requires a change to your configuration. F5 recommends that you test the modified configuration in an appropriate environment before implementing it.\n\n 1. Log in to the BIG-IP command line.\n 2. Change directories to the **/var/named/config **directory by typing the following command: \n\ncd /var/named/config\n\n 3. Create a backup of the **named.conf** file by typing the following command: \n\ncp named.conf named.conf.SOL34250741\n\n 4. To edit the **named.conf** file, locate the** recursion** option. \nFor example: \n\nrecursion yes;\n\n 5. Change the **recursion** option to** no.** \nFor example: \n\nrecursion no;\n\n 6. Save the changes to the **named.conf** file.\n 7. Restart **named **to allow the changes to reload by typing the following command: \n\nbigstart restart named\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "edition": 1, "modified": "2019-05-08T23:10:00", "published": "2015-12-16T22:00:00", "id": "F5:K34250741", "href": "https://support.f5.com/csp/article/K34250741", "title": "BIND vulnerability CVE-2015-8000", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2016-09-26T17:22:50", "bulletinFamily": "software", "cvelist": ["CVE-2015-8000"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the** Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you must disable the use of recursion in the BIND configuration. You can perform the following procedures to determine if recursion has been manually enabled, and disable it if it has been enabled.\n\nDetermining if recursion has been manually enabled on the system\n\n**Impact of action:** Performing the following procedure should not have a negative impact on your system.\n\n 1. Log in to the BIG-IP command line.\n 2. Type the following command: \n\ngrep recursion /var/named/config/named.conf\n\n 3. If the command returns the following response, recursion has been enabled, and you should perform the following, **Mitigating the vulnerability** procedure. \n\nrecursion yes;\n\nIf the command returns the following response, recursion has not been enabled, and the system is not vulnerable. \n\nrecursion no;\n\nMitigating the vulnerability\n\nTo mitigate this vulnerability, you can turn recursion off in the **named.conf** file. To do so, perform the following procedure:\n\n**Impact of action:** This modification requires a change to your configuration. F5 recommends that you test the modified configuration in an appropriate environment before implementing it.\n\n 1. Log in to the BIG-IP command line.\n 2. Change directories to the **/var/named/config **directory by typing the following command: \n\ncd /var/named/config\n\n 3. Create a backup of the **named.conf** file by typing the following command: \n\ncp named.conf named.conf.SOL34250741\n\n 4. To edit the **named.conf** file, locate the** recursion** option. \nFor example: \n\nrecursion yes;\n\n 5. Change the **recursion** option to** no.** \nFor example: \n\nrecursion no;\n\n 6. Save the changes to the **named.conf** file.\n 7. Restart **named **to allow the changes to reload by typing the following command: \n\nbigstart restart named\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-08-16T00:00:00", "published": "2015-12-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/34/sol34250741.html", "id": "SOL34250741", "title": "SOL34250741 - BIND vulnerability CVE-2015-8000", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:39", "bulletinFamily": "software", "cvelist": ["CVE-2015-3193"], "edition": 1, "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.4.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None \n \nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2016-01-09T02:32:00", "published": "2015-12-04T21:16:00", "href": "https://support.f5.com/csp/article/K30714460", "id": "F5:K30714460", "title": "OpenSSL vulnerability CVE-2015-3193", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:23", "bulletinFamily": "software", "cvelist": ["CVE-2015-3193"], "edition": 1, "description": "Supplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2015-12-15T00:00:00", "published": "2015-12-04T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/30/sol30714460.html", "id": "SOL30714460", "title": "SOL30714460 - OpenSSL vulnerability CVE-2015-3193", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-05-09T01:00:37", "bulletinFamily": "software", "cvelist": ["CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2015-3196", "CVE-2015-3193"], "edition": 1, "description": "**Note**: This is a temporary index. When an article has been published for all of the CVEs listed in the previous table, this article may no longer be maintained, may be repurposed, or may be archived without advanced notice.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2015-12-07T00:00:00", "published": "2015-12-03T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/90/sol90542710.html", "id": "SOL90542710", "title": "SOL90542710 - OpenSSL vulnerabilities CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, and CVE-2015-1794", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "slackware": [{"lastseen": "2020-10-25T16:35:56", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3193", "CVE-2015-8000", "CVE-2015-8461"], "description": "New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/bind-9.9.8_P2-x86_64-1_slack14.1.txz: Upgraded.\n This update fixes three security issues:\n Update allowed OpenSSL versions as named is potentially vulnerable\n to CVE-2015-3193.\n Insufficient testing when parsing a message allowed records with an\n incorrect class to be be accepted, triggering a REQUIRE failure when\n those records were subsequently cached. (CVE-2015-8000)\n Address fetch context reference count handling error on socket error.\n (CVE-2015-8461)\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.8_P2-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.8_P2-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.8_P2-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.8_P2-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.8_P2-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.8_P2-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.8_P2-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.8_P2-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.8_P2-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.8_P2-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.3_P2-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.3_P2-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\nef466df7b5c30de3b1823ae2ef7c0820 bind-9.9.8_P2-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n4d6fd1a921302be279fb00b8f3c5209f bind-9.9.8_P2-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nde9cea0aaf0123e1b480582a97b5a483 bind-9.9.8_P2-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n3d06836402ee2265194d819bf59ebef5 bind-9.9.8_P2-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n084270843411521f1d5f7dfee0faf05a bind-9.9.8_P2-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n2cb2bfdb94e52725bccecea29e5a5bc1 bind-9.9.8_P2-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\nb653a7dd7b8591ccbd434bb2ec2e395f bind-9.9.8_P2-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nd6db5ba1f2c1ae0c99457b1866d9b752 bind-9.9.8_P2-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nffaf96b22a3148f23d6cb0349c4fa745 bind-9.9.8_P2-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n5382418d8d2044f567934b24f280592b bind-9.9.8_P2-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n8a998dd407304fb10e8df8c92655ff54 n/bind-9.10.3_P2-i586-1.txz\n\nSlackware x86_64 -current package:\n545b71ea3107b6a7796fb21cf1dfd311 n/bind-9.10.3_P2-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.9.8_P2-i486-1_slack14.1.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "modified": "2015-12-16T06:24:47", "published": "2015-12-16T06:24:47", "id": "SSA-2015-349-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:56", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "description": "\nISC reports:\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.\nIncorrect reference counting could result in an INSIST\n\t failure if a socket error occurred while performing a lookup. This flaw\n\t is disclosed in CVE-2015-8461. [RT#40945]\nInsufficient testing when parsing a message allowed records\n\t with an incorrect class to be be accepted, triggering a REQUIRE failure\n\t when those records were subsequently cached. This flaw is disclosed in\n\t CVE-2015-8000. [RT #40987]\n\n", "edition": 5, "modified": "2016-08-09T00:00:00", "published": "2015-11-24T00:00:00", "id": "A8EC4DB7-A398-11E5-85E9-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html", "title": "bind -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-01T01:10:08", "description": "New bind packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, and -current to fix security issues.", "edition": 22, "published": "2015-12-16T00:00:00", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bind (SSA:2015-349-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:13.0", "p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2015-349-01.NASL", "href": "https://www.tenable.com/plugins/nessus/87375", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-349-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87375);\n script_version(\"$Revision: 2.7 $\");\n script_cvs_date(\"$Date: 2016/01/31 05:42:28 $\");\n\n script_cve_id(\"CVE-2015-3193\", \"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"SSA\", value:\"2015-349-01\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bind (SSA:2015-349-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fba8c746\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.8_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.10.3_P2\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.10.3_P2\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:19:14", "description": "An error in the parsing of incoming responses allows some records with\nan incorrect class to be be accepted by BIND instead of being rejected\nas malformed. This can trigger a REQUIRE assertion failure when those\nrecords are subsequently cached. Intentional exploitation of this\ncondition is possible and could be used as a denial-of-service vector\nagainst servers performing recursive queries. (CVE-2015-8000)\n\nCVE-2015-8461 was also issued today for bind, but the Amazon Linux\nAMI's version of bind is not impacted by that CVE.", "edition": 24, "published": "2015-12-16T00:00:00", "title": "Amazon Linux AMI : bind (ALAS-2015-631)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bind", "p-cpe:/a:amazon:linux:bind-utils", "p-cpe:/a:amazon:linux:bind-debuginfo", "p-cpe:/a:amazon:linux:bind-sdb", "p-cpe:/a:amazon:linux:bind-devel", "p-cpe:/a:amazon:linux:bind-libs", "p-cpe:/a:amazon:linux:bind-chroot", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-631.NASL", "href": "https://www.tenable.com/plugins/nessus/87380", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-631.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87380);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-8000\");\n script_xref(name:\"ALAS\", value:\"2015-631\");\n script_xref(name:\"RHSA\", value:\"2015:2655\");\n\n script_name(english:\"Amazon Linux AMI : bind (ALAS-2015-631)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An error in the parsing of incoming responses allows some records with\nan incorrect class to be be accepted by BIND instead of being rejected\nas malformed. This can trigger a REQUIRE assertion failure when those\nrecords are subsequently cached. Intentional exploitation of this\ncondition is possible and could be used as a denial-of-service vector\nagainst servers performing recursive queries. (CVE-2015-8000)\n\nCVE-2015-8461 was also issued today for bind, but the Amazon Linux\nAMI's version of bind is not impacted by that CVE.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-631.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update bind' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"bind-9.8.2-0.37.rc1.42.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-chroot-9.8.2-0.37.rc1.42.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-debuginfo-9.8.2-0.37.rc1.42.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-devel-9.8.2-0.37.rc1.42.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-libs-9.8.2-0.37.rc1.42.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-sdb-9.8.2-0.37.rc1.42.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-utils-9.8.2-0.37.rc1.42.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:13:29", "description": "security update\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2016-03-04T00:00:00", "title": "Fedora 22 : bind-9.10.3-7.P2.fc22 / bind-dyndb-ldap-7.0-6.fc22 / dnsperf-2.0.0.0-19.fc22 (2015-2df40de264)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:dnsperf", "p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-2DF40DE264.NASL", "href": "https://www.tenable.com/plugins/nessus/89192", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-2df40de264.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89192);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"FEDORA\", value:\"2015-2df40de264\");\n\n script_name(english:\"Fedora 22 : bind-9.10.3-7.P2.fc22 / bind-dyndb-ldap-7.0-6.fc22 / dnsperf-2.0.0.0-19.fc22 (2015-2df40de264)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security update\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291186\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174250.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ccfc26a0\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174251.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?adbb9c5a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1275ec7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind, bind-dyndb-ldap and / or dnsperf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsperf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"bind-9.10.3-7.P2.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"bind-dyndb-ldap-7.0-6.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"dnsperf-2.0.0.0-19.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-dyndb-ldap / dnsperf\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:13:12", "description": "security fix\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : bind-9.10.3-7.P2.fc23 / bind-dyndb-ldap-8.0-4.fc23 / dnsperf-2.0.0.0-19.fc23 (2015-09bf9e06ea)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:dnsperf", "p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-09BF9E06EA.NASL", "href": "https://www.tenable.com/plugins/nessus/89136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-09bf9e06ea.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89136);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"FEDORA\", value:\"2015-09bf9e06ea\");\n\n script_name(english:\"Fedora 23 : bind-9.10.3-7.P2.fc23 / bind-dyndb-ldap-8.0-4.fc23 / dnsperf-2.0.0.0-19.fc23 (2015-09bf9e06ea)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291186\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174144.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d958e59\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a4bb967a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174146.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?958d3d32\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind, bind-dyndb-ldap and / or dnsperf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsperf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"bind-9.10.3-7.P2.fc23\")) flag++;\nif (rpm_check(release:\"FC23\", reference:\"bind-dyndb-ldap-8.0-4.fc23\")) flag++;\nif (rpm_check(release:\"FC23\", reference:\"dnsperf-2.0.0.0-19.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-dyndb-ldap / dnsperf\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:21:55", "description": "According to its self-reported version number, the remote installation\nof BIND is affected by a denial of service vulnerability due to a race\ncondition that occurs when handling socket errors. An unauthenticated,\nremote attacker can exploit this to trigger an INSIST failure,\nresulting in a denial of service condition.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 25, "published": "2015-12-18T00:00:00", "title": "ISC BIND 9.9.8 < 9.9.8-P2 / 9.10.3 < 9.10.3-P2 Socket Error Handling DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_998_P2_2015_8461.NASL", "href": "https://www.tenable.com/plugins/nessus/87503", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87503);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\"CVE-2015-8461\");\n script_bugtraq_id(79347);\n\n script_name(english:\"ISC BIND 9.9.8 < 9.9.8-P2 / 9.10.3 < 9.10.3-P2 Socket Error Handling DoS\");\n script_summary(english:\"Checks the version of BIND.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote installation\nof BIND is affected by a denial of service vulnerability due to a race\ncondition that occurs when handling socket errors. An unauthenticated,\nremote attacker can exploit this to trigger an INSIST failure,\nresulting in a denial of service condition.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/docs/aa-01319\");\n # https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06404c1c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to BIND version 9.9.8-P2 / 9.9.8-S3 / 9.10.3-P2 or later.\nNote that 9.9.8-S3 is a preview version of BIND provided exclusively\nto ISC Support customers.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"bind/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (\n ver =~ \"^9\\.9\\.8((([ab]|beta|rc)[0-9]*)|(-P[0-1])|(-S[0-2]))?$\" ||\n ver =~ \"^9\\.10\\.3((([ab]|beta|rc)[0-9]*)|(-P[0-1]))?$\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Installed version : ' + ver +\n '\\n Fixed version : 9.9.8-P2 / 9.9.8-S3 / 9.10.3-P2' +\n '\\n';\n security_hole(port:53, proto:\"udp\", extra:report);\n }\n else security_hole(port:53, proto:\"udp\");\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"BIND\", 53, ver, \"UDP\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-18T02:47:23", "description": "A denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use\nthis flaw to send a query to request a cached record with a malformed\nclass attribute that would cause named functioning as an authoritative\nor recursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they\nperform authentication when making recursive queries to resolve\naddresses for servers listed in NS RRSETs.\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 13, "published": "2015-12-18T00:00:00", "title": "Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20151216)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "modified": "2015-12-18T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-debuginfo", "p-cpe:/a:fermilab:scientific_linux:bind-chroot", "p-cpe:/a:fermilab:scientific_linux:bind-utils", "p-cpe:/a:fermilab:scientific_linux:bind-libs", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bind-sdb", "p-cpe:/a:fermilab:scientific_linux:bind"], "id": "SL_20151216_BIND_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87491", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87491);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/25\");\n\n script_cve_id(\"CVE-2015-8000\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20151216)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use\nthis flaw to send a query to request a cached record with a malformed\nclass attribute that would cause named functioning as an authoritative\nor recursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they\nperform authentication when making recursive queries to resolve\naddresses for servers listed in NS RRSETs.\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=3481\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?573177e9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"bind-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-debuginfo-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.8.2-0.37.rc1.el6_7.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T14:23:23", "description": "This update for bind fixes the following security issue :\n\n - CVE-2015-8000: Fix remote denial of service by\n misparsing incoming responses (bsc#958861).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2015-12-29T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:2359-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "modified": "2015-12-29T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bind-chrootenv", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:bind", "p-cpe:/a:novell:suse_linux:bind-debugsource", "p-cpe:/a:novell:suse_linux:bind-debuginfo", "p-cpe:/a:novell:suse_linux:bind-utils-debuginfo", "p-cpe:/a:novell:suse_linux:bind-utils", "p-cpe:/a:novell:suse_linux:bind-libs-debuginfo", "p-cpe:/a:novell:suse_linux:bind-libs"], "id": "SUSE_SU-2015-2359-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87655", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2359-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87655);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-8000\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:2359-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for bind fixes the following security issue :\n\n - CVE-2015-8000: Fix remote denial of service by\n misparsing incoming responses (bsc#958861).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8000/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152359-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb0ef62e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2015-1016=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2015-1016=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2015-1016=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-chrootenv-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-debuginfo-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-debugsource-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-debuginfo-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-utils-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-utils-debuginfo-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-32bit-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bind-libs-debuginfo-32bit-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-debuginfo-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-debugsource-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-utils-9.9.6P1-32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"bind-utils-debuginfo-9.9.6P1-32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T13:23:42", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix (CVE-2015-8000)", "edition": 26, "published": "2015-12-18T00:00:00", "title": "OracleVM 3.3 : bind (OVMSA-2015-0156)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "modified": "2015-12-18T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:bind-utils", "cpe:/o:oracle:vm_server:3.3", "p-cpe:/a:oracle:vm:bind-libs"], "id": "ORACLEVM_OVMSA-2015-0156.NASL", "href": "https://www.tenable.com/plugins/nessus/87489", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0156.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87489);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-8000\");\n\n script_name(english:\"OracleVM 3.3 : bind (OVMSA-2015-0156)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix (CVE-2015-8000)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-December/000404.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5272303\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind-libs / bind-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-libs-9.8.2-0.37.rc1.el6_7.5\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-utils-9.8.2-0.37.rc1.el6_7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind-libs / bind-utils\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:41:15", "description": "From Red Hat Security Advisory 2015:2656 :\n\nUpdated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use\nthis flaw to send a query to request a cached record with a malformed\nclass attribute that would cause named functioning as an authoritative\nor recursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they\nperform authentication when making recursive queries to resolve\naddresses for servers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "edition": 23, "published": "2015-12-17T00:00:00", "title": "Oracle Linux 5 : bind (ELSA-2015-2656)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:caching-nameserver", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-libbind-devel"], "id": "ORACLELINUX_ELSA-2015-2656.NASL", "href": "https://www.tenable.com/plugins/nessus/87449", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2656 and \n# Oracle Linux Security Advisory ELSA-2015-2656 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87449);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/09/27 13:00:36\");\n\n script_cve_id(\"CVE-2015-8000\");\n script_xref(name:\"RHSA\", value:\"2015:2656\");\n\n script_name(english:\"Oracle Linux 5 : bind (ELSA-2015-2656)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2656 :\n\nUpdated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use\nthis flaw to send a query to request a cached record with a malformed\nclass attribute that would cause named functioning as an authoritative\nor recursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they\nperform authentication when making recursive queries to resolve\naddresses for servers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-December/005653.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-chroot-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-devel-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libbind-devel-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libs-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-sdb-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-utils-9.3.6-25.P1.el5_11.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"caching-nameserver-9.3.6-25.P1.el5_11.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T13:16:34", "description": "According to its self-reported version number, the remote installation\nof BIND is affected by a denial of service vulnerability due to\nimproper parsing of incorrect class attributes in db.c. An\nunauthenticated, remote attacker can exploit this, via a malformed\nclass attribute, to trigger a REQUIRE assertion failure, resulting in\na denial of service condition.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 23, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2015-12-18T00:00:00", "title": "ISC BIND 9.x < 9.9.8-P2 / 9.10.x < 9.10.3-P2 Response Parsing Class Attribute Handling DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "modified": "2015-12-18T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_998_P2_2015_8000.NASL", "href": "https://www.tenable.com/plugins/nessus/87502", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87502);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/27\");\n\n script_cve_id(\"CVE-2015-8000\");\n script_bugtraq_id(79349);\n\n script_name(english:\"ISC BIND 9.x < 9.9.8-P2 / 9.10.x < 9.10.3-P2 Response Parsing Class Attribute Handling DoS\");\n script_summary(english:\"Checks the version of BIND.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote installation\nof BIND is affected by a denial of service vulnerability due to\nimproper parsing of incorrect class attributes in db.c. An\nunauthenticated, remote attacker can exploit this, via a malformed\nclass attribute, to trigger a REQUIRE assertion failure, resulting in\na denial of service condition.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/docs/aa-01317\");\n # https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06404c1c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to BIND version 9.9.8-P2 / 9.9.8-S3 / 9.10.3-P2 or later.\nNote that 9.9.8-S3 is a preview version of BIND provided exclusively\nto ISC Support customers.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8000\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"bind/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (\n # 9.x < 9.9.8-P2/9.9.8-S3\n ver =~ \"^9\\.[0-8]\\.[0-9](([ab]|beta|rc|-[PS])[0-9]*)?$\" ||\n ver =~ \"^9\\.9\\.[0-7](([ab]|beta|rc|-[PS])[0-9]*)?$\" ||\n ver =~ \"^9\\.9\\.8((([ab]|beta|rc)[0-9]*)|(-P[0-1])|(-S[0-2]))?$\" ||\n # 9.10.x < 9.10.3-P2\n ver =~ \"^9\\.10\\.[0-2](([ab]|beta|rc|-[PS])[0-9]*)?$\" ||\n ver =~ \"^9\\.10\\.3((([ab]|beta|rc)[0-9]*)|(-P[0-1]))?$\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Installed version : ' + ver +\n '\\n Fixed version : 9.9.8-P2 / 9.9.8-S3 / 9.10.3-P2' +\n '\\n';\n security_warning(port:53, proto:\"udp\", extra:report);\n }\n else security_warning(port:53, proto:\"udp\");\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"BIND\", 53, ver, \"UDP\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openwrt": [{"lastseen": "2016-09-26T15:45:23", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8704", "CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "description": "The bind package has been rebuilt and was uploaded to the Chaos Calmer\n15.05 repository due to multiple security issues.\n\n\nVERSION\n\n9.9.7-P3-1 => 9.9.8-P3-1\n\n\nCHANGELOG\n\n[Sun, 24 Jan 2016 12:43:29 +0100 41dcf83]\n\nFixes:\n * CVE-2015-8704\n * CVE-2015-3193\n * CVE-2015-8000\n * CVE-2015-8461\n\n\nCHANGES\n\n net/bind/Makefile | 4 ++--\n 1 file changed, 2 insertions(+), 2 deletions(-)", "edition": 1, "modified": "2016-01-24T13:33:41", "published": "2016-01-24T13:33:41", "id": "OPENWRT-SA-000001", "href": "https://lists.openwrt.org/pipermail/openwrt-security-announce/2016-January/000001.html", "type": "openwrt", "title": "bind: Security update (4 CVEs)", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2020-03-17T22:58:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-12-16T00:00:00", "id": "OPENVAS:1361412562310120621", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120621", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-631)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120621\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-12-16 11:39:19 +0200 (Wed, 16 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-631)\");\n script_tag(name:\"insight\", value:\"An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible and could be used as a denial-of-service vector against servers performing recursive queries. (CVE-2015-8000 )CVE-2015-8461 was also issued today for bind, but the Amazon Linux AMI's version of bind is not impacted by that CVE.\");\n script_tag(name:\"solution\", value:\"Run yum update bind to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-631.html\");\n script_cve_id(\"CVE-2015-8000\", \"CVE-2015-8461\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.30.rc1.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-12-23T00:00:00", "id": "OPENVAS:1361412562310806916", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806916", "type": "openvas", "title": "Fedora Update for bind-dyndb-ldap FEDORA-2015-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind-dyndb-ldap FEDORA-2015-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806916\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-23 05:38:47 +0100 (Wed, 23 Dec 2015)\");\n script_cve_id(\"CVE-2015-8000\", \"CVE-2015-8461\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind-dyndb-ldap FEDORA-2015-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind-dyndb-ldap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind-dyndb-ldap on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174250.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n if ((res = isrpmvuln(pkg:\"bind-dyndb-ldap\", rpm:\"bind-dyndb-ldap~7.0~6.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-12-23T00:00:00", "id": "OPENVAS:1361412562310806918", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806918", "type": "openvas", "title": "Fedora Update for bind FEDORA-2015-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2015-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806918\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-23 05:38:31 +0100 (Wed, 23 Dec 2015)\");\n script_cve_id(\"CVE-2015-8000\", \"CVE-2015-8461\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind FEDORA-2015-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174251.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.10.3~7.P2.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-12-23T00:00:00", "id": "OPENVAS:1361412562310806919", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806919", "type": "openvas", "title": "Fedora Update for dnsperf FEDORA-2015-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dnsperf FEDORA-2015-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806919\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-23 05:38:44 +0100 (Wed, 23 Dec 2015)\");\n script_cve_id(\"CVE-2015-8000\", \"CVE-2015-8461\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for dnsperf FEDORA-2015-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnsperf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"dnsperf on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n if ((res = isrpmvuln(pkg:\"dnsperf\", rpm:\"dnsperf~2.0.0.0~19.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-11T19:37:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8461"], "description": "The host is installed with ISC BIND and is\n prone to remote denial of service vulnerability.", "modified": "2019-12-10T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310806998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806998", "type": "openvas", "title": "ISC BIND Denial of Service Vulnerability - 04 - Jan16", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# ISC BIND Denial of Service Vulnerability - 04 - Jan16\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:isc:bind\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806998\");\n script_version(\"2019-12-10T15:03:15+0000\");\n script_cve_id(\"CVE-2015-8461\");\n script_bugtraq_id(79347);\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-10 15:03:15 +0000 (Tue, 10 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 15:07:28 +0530 (Wed, 27 Jan 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"ISC BIND Denial of Service Vulnerability - 04 - Jan16\");\n\n script_tag(name:\"summary\", value:\"The host is installed with ISC BIND and is\n prone to remote denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to a race condition\n in 'resolver.c' script when handling socket errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"ISC BIND versions 9.9.8 through 9.9.8-P1,\n 9.9.8-S1 through 9.9.8-S2, 9.10.3 through 9.10.3-P1.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to ISC BIND version 9.9.8-P2 or\n 9.9.8-S3 or 9.10.3-P2 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/aa-01319\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"bind_version.nasl\");\n script_mandatory_keys(\"isc/bind/detected\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) ) exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif(version_in_range(version:version, test_version:\"9.9.8\", test_version2:\"9.9.8p1\"))\n{\n fix = \"9.9.8-P2\";\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:version, test_version:\"9.9.8s1\", test_version2:\"9.9.8s2\"))\n{\n fix = \"9.9.8-S3\";\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:version, test_version:\"9.10.3\", test_version2:\"9.10.3p1\"))\n{\n fix = \"9.10.3-P2\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:version, fixed_version:fix);\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-12-17T00:00:00", "id": "OPENVAS:1361412562310871528", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871528", "type": "openvas", "title": "RedHat Update for bind RHSA-2015:2655-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2015:2655-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871528\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-17 05:07:42 +0100 (Thu, 17 Dec 2015)\");\n script_cve_id(\"CVE-2015-8000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for bind RHSA-2015:2655-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND)\nis an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS\nserver (named) a resolver library (routines for applications to use when\ninterfacing with DNS) and tools for verifying that the DNS server is operating\ncorrectly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2655-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-December/msg00042.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind-license\", rpm:\"bind-license~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-lite\", rpm:\"bind-libs-lite~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11\", rpm:\"bind-pkcs11~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-libs\", rpm:\"bind-pkcs11-libs~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-pkcs11-utils\", rpm:\"bind-pkcs11-utils~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.4~29.el7_2.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.37.rc1.el6_7.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.37.rc1.el6_7.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.8.2~0.37.rc1.el6_7.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.37.rc1.el6_7.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.37.rc1.el6_7.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "description": "Mageia Linux Local Security Checks mgasa-2015-0481", "modified": "2019-03-18T00:00:00", "published": "2015-12-21T00:00:00", "id": "OPENVAS:1361412562310131159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131159", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0481", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0481.nasl 14289 2019-03-18 16:38:27Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131159\");\n script_version(\"$Revision: 14289 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-21 14:43:00 +0200 (Mon, 21 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:38:27 +0100 (Mon, 18 Mar 2019) $\");\n\n script_name(\"Mageia Linux Local Check: mgasa-2015-0481\");\n\n script_tag(name:\"insight\", value:\"An error in the parsing of incoming responses allows some records with an\nincorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE\nassertion failure when those records are subsequently cached. Intentional exploitation of this condition is\npossible and could be used as a denial-of-service vector against servers performing recursive queries\n(CVE-2015-8000).\");\n\n script_tag(name:\"solution\", value:\"update software\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0481.html\");\n script_cve_id(\"CVE-2015-8000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0481\");\n script_copyright(\"Eero Volotinen\");\n\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.10.3.P2~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\n\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-12-16T00:00:00", "id": "OPENVAS:1361412562310842559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842559", "type": "openvas", "title": "Ubuntu Update for bind9 USN-2837-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for bind9 USN-2837-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842559\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-16 05:50:32 +0100 (Wed, 16 Dec 2015)\");\n script_cve_id(\"CVE-2015-8000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for bind9 USN-2837-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind9'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Bind incorrectly\nhandled responses with malformed class attributes. A remote attacker could use\nthis issue to cause Bind to crash, resulting in a denial of service.\");\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 15.10,\n Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2837-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2837-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-9ubuntu0.4\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-3ubuntu0.6\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.14\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-11ubuntu1.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:34:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2016-02-02T00:00:00", "id": "OPENVAS:1361412562310851184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851184", "type": "openvas", "title": "openSUSE: Security Advisory for bind (openSUSE-SU-2015:2365-1)", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851184\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-02-02 17:16:17 +0100 (Tue, 02 Feb 2016)\");\n script_cve_id(\"CVE-2015-8000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for bind (openSUSE-SU-2015:2365-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861). This update was imported from the\n SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"bind on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2015:2365-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd\", rpm:\"bind-lwresd~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd-debuginfo\", rpm:\"bind-lwresd-debuginfo~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils-debuginfo\", rpm:\"bind-utils-debuginfo~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.9.6P1~27.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8000"], "description": "Check the version of bind", "modified": "2019-03-08T00:00:00", "published": "2015-12-17T00:00:00", "id": "OPENVAS:1361412562310882348", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882348", "type": "openvas", "title": "CentOS Update for bind CESA-2015:2656 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2015:2656 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882348\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-17 05:08:44 +0100 (Thu, 17 Dec 2015)\");\n script_cve_id(\"CVE-2015-8000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for bind CESA-2015:2656 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of bind\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND)\nis an implementation of the Domain Name System (DNS) protocols. BIND includes a\nDNS server (named) a resolver library (routines for applications to use when\ninterfacing with DNS) and tools for verifying that the DNS server is operating\ncorrectly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"bind on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:2656\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-December/021551.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~25.P1.el5_11.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000", "CVE-2015-8461"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-12-19T18:29:22", "published": "2015-12-19T18:29:22", "id": "FEDORA:80F91601CFBE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind-9.10.3-7.P2.fc23", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000", "CVE-2015-8461"], "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "modified": "2015-12-19T18:29:22", "published": "2015-12-19T18:29:22", "id": "FEDORA:934DA601D70A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: dnsperf-2.0.0.0-19.fc23", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000", "CVE-2015-8461"], "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "modified": "2015-12-19T18:29:20", "published": "2015-12-19T18:29:20", "id": "FEDORA:DECCD6078F56", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind-dyndb-ldap-8.0-4.fc23", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000", "CVE-2015-8461"], "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "modified": "2015-12-22T07:25:05", "published": "2015-12-22T07:25:05", "id": "FEDORA:A73E5606E7FB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: bind-dyndb-ldap-7.0-6.fc22", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000", "CVE-2015-8461"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-12-22T07:25:05", "published": "2015-12-22T07:25:05", "id": "FEDORA:BB1F86069A50", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: bind-9.10.3-7.P2.fc22", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000", "CVE-2015-8461"], "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "modified": "2015-12-22T07:25:05", "published": "2015-12-22T07:25:05", "id": "FEDORA:AFC27606D3FB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: dnsperf-2.0.0.0-19.fc22", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "DHCP (Dynamic Host Configuration Protocol) ", "modified": "2015-12-28T23:57:55", "published": "2015-12-28T23:57:55", "id": "FEDORA:8B49C6087C56", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: dhcp-4.3.2-6.fc22", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2015-12-28T23:57:55", "published": "2015-12-28T23:57:55", "id": "FEDORA:828D26087C52", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: bind99-9.9.8-1.P2.fc22", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "DHCP (Dynamic Host Configuration Protocol) ", "modified": "2015-12-19T18:28:55", "published": "2015-12-19T18:28:55", "id": "FEDORA:6EFAD60799E0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: dhcp-4.3.3-7.fc23", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2015-12-19T18:28:55", "published": "2015-12-19T18:28:55", "id": "FEDORA:AAB4360779B9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind99-9.9.8-1.P2.fc23", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:16", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "description": "**Issue Overview:**\n\nAn error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible and could be used as a denial-of-service vector against servers performing recursive queries. ([CVE-2015-8000 __](<https://access.redhat.com/security/cve/CVE-2015-8000>))\n\n[CVE-2015-8461 __](<https://access.redhat.com/security/cve/CVE-2015-8461>) was also issued today for bind, but the Amazon Linux AMI's version of bind is not impacted by that CVE.\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-utils-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-debuginfo-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-sdb-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-devel-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-libs-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-chroot-9.8.2-0.37.rc1.42.amzn1.i686 \n \n src: \n bind-9.8.2-0.37.rc1.42.amzn1.src \n \n x86_64: \n bind-utils-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-sdb-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-debuginfo-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-libs-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-chroot-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-devel-9.8.2-0.37.rc1.42.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2015-12-15T13:00:00", "published": "2015-12-15T13:00:00", "id": "ALAS-2015-631", "href": "https://alas.aws.amazon.com/ALAS-2015-631.html", "title": "Critical: bind", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "hackerone": [{"lastseen": "2019-01-28T00:16:50", "bulletinFamily": "bugbounty", "bounty": 1000.0, "cvelist": ["CVE-2015-3193"], "description": "For certain inputs OpenSSL's BN_mod_exp function (which is used for RSA and Diffie Hellman) can produce wrong results.\nThe issue has been fixed by OpenSSL and rated moderate severity:\nhttps://openssl.org/news/secadv/20151203.txt\n\nA code example is here:\nhttps://github.com/hannob/bignum-fuzz/blob/master/CVE-2015-3193-openssl-vs-gcrypt-modexp.c\n\nSome more info:\nhttps://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html", "modified": "2016-04-12T12:09:49", "published": "2016-04-04T11:54:00", "id": "H1:128169", "href": "https://hackerone.com/reports/128169", "type": "hackerone", "title": "OpenSSL (IBB): BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)", "cvss": {"score": 0.0, "vector": "NONE"}}], "centos": [{"lastseen": "2019-12-20T18:27:06", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "**CentOS Errata and Security Advisory** CESA-2015:2658\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/033588.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2658.html", "edition": 3, "modified": "2015-12-16T20:24:27", "published": "2015-12-16T20:24:27", "href": "http://lists.centos.org/pipermail/centos-announce/2015-December/033588.html", "id": "CESA-2015:2658", "title": "bind97 security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:25:56", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "**CentOS Errata and Security Advisory** CESA-2015:2655\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/033584.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/033587.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-libs-lite\nbind-license\nbind-lite-devel\nbind-pkcs11\nbind-pkcs11-devel\nbind-pkcs11-libs\nbind-pkcs11-utils\nbind-sdb\nbind-sdb-chroot\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2655.html", "edition": 3, "modified": "2015-12-16T20:19:17", "published": "2015-12-16T20:01:41", "href": "http://lists.centos.org/pipermail/centos-announce/2015-December/033584.html", "id": "CESA-2015:2655", "title": "bind security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "[32:9.8.2-0.44.rc1.5]\n- Fix CVE-2015-8000", "edition": 4, "modified": "2015-12-16T00:00:00", "published": "2015-12-16T00:00:00", "id": "ELSA-2015-2655", "href": "http://linux.oracle.com/errata/ELSA-2015-2655.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:46:49", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "This update fixes the following security issue:\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861).\n\n It also fixes a bug:\n - Fix a regression in caching entries with a TTL of 0 (bsc#923281).\n\n", "edition": 1, "modified": "2015-12-22T16:28:13", "published": "2015-12-22T16:28:13", "id": "SUSE-SU-2015:2340-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00027.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:19:18", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861). This update was imported from the\n SUSE:SLE-12-SP1:Update update project.\n\n", "edition": 1, "modified": "2015-12-25T19:10:40", "published": "2015-12-25T19:10:40", "id": "OPENSUSE-SU-2015:2365-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:27:15", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "This update fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861).\n\n", "edition": 1, "modified": "2015-12-22T16:29:01", "published": "2015-12-22T16:29:01", "id": "SUSE-SU-2015:2341-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00028.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:50:20", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861).\n\n", "edition": 1, "modified": "2015-12-25T03:10:39", "published": "2015-12-25T03:10:39", "id": "SUSE-SU-2015:2359-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:19:41", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (boo#958861).\n\n", "edition": 1, "modified": "2015-12-29T17:11:00", "published": "2015-12-29T17:11:00", "id": "OPENSUSE-SU-2015:2391-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:57:23", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (boo#958861).\n\n", "edition": 1, "modified": "2015-12-25T19:10:25", "published": "2015-12-25T19:10:25", "id": "OPENSUSE-SU-2015:2364-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:21:51", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "Package : bind9\nVersion : 1:9.7.3.dfsg-1~squeeze18\nCVE ID : CVE-2015-8000\n\nIt was discovered that the BIND DNS server does not properly handle the\nparsing of incoming responses, allowing some records with an incorrect\nclass to be accepted by BIND instead of being rejected as malformed.\nThis can trigger a REQUIRE assertion failure when those records are\nsubsequently cached. A remote attacker can exploit this flaw to cause a\ndenial of service against servers performing recursive queries.\n\n", "edition": 7, "modified": "2015-12-16T23:15:35", "published": "2015-12-16T23:15:35", "id": "DEBIAN:DLA-370-1:2205A", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201512/msg00012.html", "title": "[SECURITY] [DLA 370-1] bind9 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-12T00:51:25", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3420-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 15, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nCVE ID : CVE-2015-8000\nDebian Bug : 808081\n\nIt was discovered that the BIND DNS server does not properly handle the\nparsing of incoming responses, allowing some records with an incorrect\nclass to be accepted by BIND instead of being rejected as malformed.\nThis can trigger a REQUIRE assertion failure when those records are\nsubsequently cached. A remote attacker can exploit this flaw to cause a\ndenial of service against servers performing recursive queries.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1:9.8.4.dfsg.P1-6+nmu2+deb7u8.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1:9.9.5.dfsg-9+deb8u4.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2015-12-15T21:04:05", "published": "2015-12-15T21:04:05", "id": "DEBIAN:DSA-3420-1:0BF5D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00325.html", "title": "[SECURITY] [DSA 3420-1] bind9 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:15", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "It was discovered that Bind incorrectly handled responses with malformed \nclass attributes. A remote attacker could use this issue to cause Bind to \ncrash, resulting in a denial of service.", "edition": 5, "modified": "2015-12-15T00:00:00", "published": "2015-12-15T00:00:00", "id": "USN-2837-1", "href": "https://ubuntu.com/security/notices/USN-2837-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "aix": [{"lastseen": "2020-04-22T00:52:13", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Thu Feb 25 09:58:38 CST 2016 \n|Updated: Wed Dec 6 10:17:27 CST 2017 \n|Update: Changed the impacted fileset for AIX 7.2 from bos.net.tcp.client\n| to bos.net.tcp.bind_utils.\n\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc\nhttps://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc\nftp://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc\n\n\nSecurity Bulletin: Vulnerability in BIND affects AIX (CVE-2015-8000)\n\n\n===============================================================================\n\nSUMMARY:\n\n There is a vulnerability in BIND that impacts AIX.\n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2015-8000\n DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an \n error in db.c when parsing incoming responses. A remote attacker could \n exploit this vulnerability to trigger a REQUIRE assertion failure and \n cause a denial of service.\n CVSS Base Score: 7.5\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/108948 for more\n information.\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n \n\n AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 5.3, 6.1, 7.1, 7.2\n VIOS 2.2.x\n\n The following fileset levels are vulnerable:\n \n key_fileset = aix\n\n Fileset Lower Level Upper Level KEY \n ---------------------------------------------------------\n bos.net.tcp.client 5.3.12.0 5.3.12.10 key_w_fs\n bos.net.tcp.server 5.3.12.0 5.3.12.6 key_w_fs\n bos.net.tcp.client 6.1.9.0 6.1.9.101 key_w_fs\n bos.net.tcp.client 7.1.3.0 7.1.3.46 key_w_fs\n bos.net.tcp.client 7.1.4.0 7.1.4.0 key_w_fs\n| bos.net.tcp.bind_utils 7.2.0.0 7.2.0.0 key_w_fs\n \n Note: to find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client\n\n REMEDIATION:\n\n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR Availability SP KEY\n ------------------------------------------------\n 5.3.12 IV80187 N/A key_w_apar\n 6.1.9 IV80188 5/20/16 SP7 key_w_apar\n 7.1.3 IV80189 8/24/16 SP7 key_w_apar\n 7.1.4 IV80191 5/20/16 SP2 key_w_apar\n 7.2.0 IV80192 5/20/16 SP2 key_w_apar\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV80188\n http://www.ibm.com/support/docview.wss?uid=isg1IV80189\n http://www.ibm.com/support/docview.wss?uid=isg1IV80191\n http://www.ibm.com/support/docview.wss?uid=isg1IV80192\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available.\n\n The fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/bind_fix10.tar\n http://aix.software.ibm.com/aix/efixes/security/bind_fix10.tar\n https://aix.software.ibm.com/aix/efixes/security/bind_fix10.tar \n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n \n \n AIX Level Interim Fix (*.Z) KEY\n ----------------------------------------------\n 5.3.12.9 IV80187m9a.160203.epkg.Z key_w_fix\n 6.1.9.6 IV80188s6a.160204.epkg.Z key_w_fix\n 7.1.3.5 IV80189m5a.160204.epkg.Z key_w_fix\n 7.1.4.1 IV80191s1a.160203.epkg.Z key_w_fix\n 7.2.0.1 IV80192s1a.160203.epkg.Z key_w_fix\n \n VIOS Level Interim Fix (*.Z) KEY\n -----------------------------------------------\n 2.2.4.0 IV80188s6a.160204.epkg.Z key_w_fix \n \n\n To extract the fixes from the tar file:\n\n tar xvf bind_fix10.tar\n cd bind_fix10\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command as the followng:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n d4a20706824a25e28f82d93bc7560d68d41f82109ee313b65694827b9bc143ba IV80187m9a.160203.epkg.Z key_w_csum\n c406a9e8c38ae6bcc7d9be89b6608cc408dfea923db7d11c482c2c3d7c11beea IV80188s6a.160204.epkg.Z key_w_csum\n fe01e0b9d4564d29ac26bbfa0da3d1c0e51f848b6b94ea0d58e767cead9c792f IV80189m5a.160204.epkg.Z key_w_csum\n 4b085c6cbdc5bf716cf5202a2b0d6c3b9e918095991f9beafc611b8c22c61ee1 IV80191s1a.160203.epkg.Z key_w_csum\n 19e153bc0d753f3c6f521bf87929eeef59d55e7e01e53977d37ff4d5a1bdedff IV80192s1a.160203.epkg.Z key_w_csum\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n openssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n Note: Keywords labeled as KEY in this document are used for parsing\n purposes.\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\nhttp://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS v3 Guide: http://www.first.org/cvss/user-guide\n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0\n\n\nACKNOWLEDGEMENTS:\n\n None \n\n\nCHANGE HISTORY:\n\n First Issued: Thu Feb 25 09:58:38 CST 2016 \n Updated: Tue Mar 1 09:10:59 CST 2016\n Update: Modified the impacted upper level filesets for 7.1.3\n| Updated: Wed Dec 6 10:17:27 CST 2017\n| Update: Changed the impacted fileset for AIX 7.2 from bos.net.tcp.client\n| to bos.net.tcp.bind_utils.\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n", "edition": 17, "modified": "2017-12-06T10:17:27", "published": "2016-02-25T09:58:38", "id": "BIND_ADVISORY10.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc", "title": "Vulnerability in BIND affects AIX,Vulnerability in BIND affects VIOS", "type": "aix", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:58", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2017-09-08T12:06:37", "published": "2015-12-16T05:00:00", "id": "RHSA-2015:2658", "href": "https://access.redhat.com/errata/RHSA-2015:2658", "type": "redhat", "title": "(RHSA-2015:2658) Important: bind97 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:44:35", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2017-09-08T12:09:25", "published": "2015-12-16T05:00:00", "id": "RHSA-2015:2656", "href": "https://access.redhat.com/errata/RHSA-2015:2656", "type": "redhat", "title": "(RHSA-2015:2656) Important: bind security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:05", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8000"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2018-06-06T20:24:16", "published": "2015-12-16T05:00:00", "id": "RHSA-2015:2655", "href": "https://access.redhat.com/errata/RHSA-2015:2655", "type": "redhat", "title": "(RHSA-2015:2655) Important: bind security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}