ID FREEBSD_PKG_A8EC4DB7A39811E585E914DAE9D210B8.NASL Type nessus Reporter Tenable Modified 2017-07-05T00:00:00
Description
ISC reports :
Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.
Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]
Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987]
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2017 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
# copyright notice, this list of conditions and the following
# disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
# published online in any format, converted to PDF, PostScript,
# RTF and other formats) must reproduce the above copyright
# notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
#
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
include("compat.inc");
if (description)
{
script_id(87387);
script_version("$Revision: 2.9 $");
script_cvs_date("$Date: 2017/07/05 14:03:58 $");
script_cve_id("CVE-2015-3193", "CVE-2015-8000", "CVE-2015-8461");
script_xref(name:"FreeBSD", value:"SA-15:27.bind");
script_name(english:"FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)");
script_summary(english:"Checks for updated packages in pkg_info output");
script_set_attribute(
attribute:"synopsis",
value:
"The remote FreeBSD host is missing one or more security-related
updates."
);
script_set_attribute(
attribute:"description",
value:
"ISC reports :
Named is potentially vulnerable to the OpenSSL vulnerability described
in CVE-2015-3193.
Incorrect reference counting could result in an INSIST failure if a
socket error occurred while performing a lookup. This flaw is
disclosed in CVE-2015-8461. [RT#40945]
Insufficient testing when parsing a message allowed records with an
incorrect class to be be accepted, triggering a REQUIRE failure when
those records were subsequently cached. This flaw is disclosed in
CVE-2015-8000. [RT #40987]"
);
# https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?06404c1c"
);
# https://kb.isc.org/article/AA-01317/0/CVE-2015-8000%3A-Responses-with-a-malformed-class-attribute-can-trigger-an-assertion-failure-in-db.c.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?b6276ea6"
);
# https://kb.isc.org/article/AA-01319/0/CVE-2015-8461%3A-A-race-condition-when-handling-socket-errors-can-lead-to-an-assertion-failure-in-resolver.c.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?076d928a"
);
# http://www.freebsd.org/ports/portaudit/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?490ef0d0"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind9-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind910");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind99");
script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/11/24");
script_set_attribute(attribute:"patch_publication_date", value:"2015/12/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/16");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.");
script_family(english:"FreeBSD Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
exit(0);
}
include("audit.inc");
include("freebsd_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (pkg_test(save_report:TRUE, pkg:"bind99<9.9.8P2")) flag++;
if (pkg_test(save_report:TRUE, pkg:"bind910<9.10.3P2")) flag++;
if (pkg_test(save_report:TRUE, pkg:"bind9-devel<9.11.0.a20151215")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"published": "2015-12-16T00:00:00", "id": "FREEBSD_PKG_A8EC4DB7A39811E585E914DAE9D210B8.NASL", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "history": [{"differentElements": ["description", "modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:24:43", "bulletin": {"published": "2015-12-16T00:00:00", "id": "FREEBSD_PKG_A8EC4DB7A39811E585E914DAE9D210B8.NASL", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "history": [], "enchantments": {}, "hash": "10d98a71f630006b663e4765bf329ed857593c64a5443885551efb38bfbc7e37", "description": "ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerabilty described in CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987]", "type": "nessus", "pluginID": "87387", "lastseen": "2016-09-26T17:24:43", "edition": 1, "title": "FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87387", "modified": "2016-08-10T00:00:00", "bulletinFamily": "scanner", "viewCount": 3, "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "references": ["http://www.nessus.org/u?b6276ea6", "http://www.nessus.org/u?06404c1c", "http://www.nessus.org/u?490ef0d0", "http://www.nessus.org/u?076d928a"], "naslFamily": "FreeBSD Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2016 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87387);\n script_version(\"$Revision: 2.8 $\");\n script_cvs_date(\"$Date: 2016/08/10 13:36:30 $\");\n\n script_cve_id(\"CVE-2015-3193\", \"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"FreeBSD\", value:\"SA-15:27.bind\");\n\n script_name(english:\"FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerabilty described\nin CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a\nsocket error occurred while performing a lookup. This flaw is\ndisclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an\nincorrect class to be be accepted, triggering a REQUIRE failure when\nthose records were subsequently cached. This flaw is disclosed in\nCVE-2015-8000. [RT #40987]\"\n );\n # https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06404c1c\"\n );\n # https://kb.isc.org/article/AA-01317/0/CVE-2015-8000%3A-Responses-with-a-malformed-class-attribute-can-trigger-an-assertion-failure-in-db.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6276ea6\"\n );\n # https://kb.isc.org/article/AA-01319/0/CVE-2015-8461%3A-A-race-condition-when-handling-socket-errors-can-lead-to-an-assertion-failure-in-resolver.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?076d928a\"\n );\n # http://www.freebsd.org/ports/portaudit/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?490ef0d0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind910\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind99<9.9.8P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind910<9.10.3P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind9-devel<9.11.0.a20151215\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "d992e5aee9f0a3f4151ef45f534dad11", "key": "sourceData"}, {"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9801322cf2f5d98aeacab510d4939521", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "fe431d002c3234b19fc0c7c4c23ca999", "key": "published"}, {"hash": "cc056b1a6ed9b5eb4a51dd860eaacb87", "key": "pluginID"}, {"hash": "e030da1b5959360b59657e70e9d3b928", "key": "references"}, {"hash": "7537cd7d2597de530e9abe30c0831669", "key": "description"}, {"hash": "8eb5138115d4a83e4709edcd5ae7bffa", "key": "cvelist"}, {"hash": "7fb370b46ea00e1bb3d4bc7ba580a058", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "dd4bcc04d0e735ebd217feaf0d91b2ff", "key": "title"}], "objectVersion": "1.2"}}, {"differentElements": ["cpe"], "edition": 2, "lastseen": "2017-07-05T21:46:41", "bulletin": {"enchantments": {}, "published": "2015-12-16T00:00:00", "id": "FREEBSD_PKG_A8EC4DB7A39811E585E914DAE9D210B8.NASL", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "history": [], "cpe": [], "hash": "08e378d1f11b5baa1a4e3fd822359100c80e3336a65b9d284ffefbff843b2983", "description": "ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987]", "type": "nessus", "pluginID": "87387", "lastseen": "2017-07-05T21:46:41", "edition": 2, "title": "FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87387", "modified": "2017-07-05T00:00:00", "bulletinFamily": "scanner", "viewCount": 3, "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "references": ["http://www.nessus.org/u?b6276ea6", "http://www.nessus.org/u?06404c1c", "http://www.nessus.org/u?490ef0d0", "http://www.nessus.org/u?076d928a"], "naslFamily": "FreeBSD Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2017 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87387);\n script_version(\"$Revision: 2.9 $\");\n script_cvs_date(\"$Date: 2017/07/05 14:03:58 $\");\n\n script_cve_id(\"CVE-2015-3193\", \"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"FreeBSD\", value:\"SA-15:27.bind\");\n\n script_name(english:\"FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described\nin CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a\nsocket error occurred while performing a lookup. This flaw is\ndisclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an\nincorrect class to be be accepted, triggering a REQUIRE failure when\nthose records were subsequently cached. This flaw is disclosed in\nCVE-2015-8000. [RT #40987]\"\n );\n # https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06404c1c\"\n );\n # https://kb.isc.org/article/AA-01317/0/CVE-2015-8000%3A-Responses-with-a-malformed-class-attribute-can-trigger-an-assertion-failure-in-db.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6276ea6\"\n );\n # https://kb.isc.org/article/AA-01319/0/CVE-2015-8461%3A-A-race-condition-when-handling-socket-errors-can-lead-to-an-assertion-failure-in-resolver.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?076d928a\"\n );\n # http://www.freebsd.org/ports/portaudit/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?490ef0d0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind910\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind99<9.9.8P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind910<9.10.3P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind9-devel<9.11.0.a20151215\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9801322cf2f5d98aeacab510d4939521", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e0f9f6bb48e08ba6af68fc7d31f7853f", "key": "modified"}, {"hash": "dddf69d5a1756ca2640f6b2713d83c32", "key": "description"}, {"hash": "fe431d002c3234b19fc0c7c4c23ca999", "key": "published"}, {"hash": "cc056b1a6ed9b5eb4a51dd860eaacb87", "key": "pluginID"}, {"hash": "e030da1b5959360b59657e70e9d3b928", "key": "references"}, {"hash": "8eb5138115d4a83e4709edcd5ae7bffa", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d4a649bbd7cca9ad29739dbca7359e00", "key": "sourceData"}, {"hash": "dd4bcc04d0e735ebd217feaf0d91b2ff", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "objectVersion": "1.3"}}], "description": "ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987]", "hash": "439310156572639d3182676cb463ca70d85bcaf43b396dd9a180a21619e4b622", "enchantments": {"vulnersScore": 5.0}, "type": "nessus", "pluginID": "87387", "lastseen": "2017-10-29T13:38:33", "edition": 3, "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:bind9-devel", "p-cpe:/a:freebsd:freebsd:bind99", "p-cpe:/a:freebsd:freebsd:bind910"], "title": "FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87387", "modified": "2017-07-05T00:00:00", "bulletinFamily": "scanner", "viewCount": 4, "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "references": ["http://www.nessus.org/u?b6276ea6", "http://www.nessus.org/u?06404c1c", "http://www.nessus.org/u?490ef0d0", "http://www.nessus.org/u?076d928a"], "naslFamily": "FreeBSD Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2017 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87387);\n script_version(\"$Revision: 2.9 $\");\n script_cvs_date(\"$Date: 2017/07/05 14:03:58 $\");\n\n script_cve_id(\"CVE-2015-3193\", \"CVE-2015-8000\", \"CVE-2015-8461\");\n script_xref(name:\"FreeBSD\", value:\"SA-15:27.bind\");\n\n script_name(english:\"FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described\nin CVE-2015-3193.\n\nIncorrect reference counting could result in an INSIST failure if a\nsocket error occurred while performing a lookup. This flaw is\ndisclosed in CVE-2015-8461. [RT#40945]\n\nInsufficient testing when parsing a message allowed records with an\nincorrect class to be be accepted, triggering a REQUIRE failure when\nthose records were subsequently cached. This flaw is disclosed in\nCVE-2015-8000. [RT #40987]\"\n );\n # https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06404c1c\"\n );\n # https://kb.isc.org/article/AA-01317/0/CVE-2015-8000%3A-Responses-with-a-malformed-class-attribute-can-trigger-an-assertion-failure-in-db.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6276ea6\"\n );\n # https://kb.isc.org/article/AA-01319/0/CVE-2015-8461%3A-A-race-condition-when-handling-socket-errors-can-lead-to-an-assertion-failure-in-resolver.c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?076d928a\"\n );\n # http://www.freebsd.org/ports/portaudit/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?490ef0d0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind910\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind99<9.9.8P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind910<9.10.3P2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind9-devel<9.11.0.a20151215\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "733dc1b29c1a4d00314e0671706b3bf2", "key": "cpe"}, {"hash": "8eb5138115d4a83e4709edcd5ae7bffa", "key": "cvelist"}, {"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "dddf69d5a1756ca2640f6b2713d83c32", "key": "description"}, {"hash": "9801322cf2f5d98aeacab510d4939521", "key": "href"}, {"hash": "e0f9f6bb48e08ba6af68fc7d31f7853f", "key": "modified"}, {"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "cc056b1a6ed9b5eb4a51dd860eaacb87", "key": "pluginID"}, {"hash": "fe431d002c3234b19fc0c7c4c23ca999", "key": "published"}, {"hash": "e030da1b5959360b59657e70e9d3b928", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "d4a649bbd7cca9ad29739dbca7359e00", "key": "sourceData"}, {"hash": "dd4bcc04d0e735ebd217feaf0d91b2ff", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}
{"result": {"cve": [{"id": "CVE-2015-8461", "type": "cve", "title": "CVE-2015-8461", "description": "Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.", "published": "2015-12-16T10:59:02", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8461", "cvelist": ["CVE-2015-8461"], "lastseen": "2017-04-18T15:58:40"}, {"id": "CVE-2015-8000", "type": "cve", "title": "CVE-2015-8000", "description": "db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.", "published": "2015-12-16T10:59:01", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8000", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-04-18T15:58:29"}, {"id": "CVE-2015-3193", "type": "cve", "title": "CVE-2015-3193", "description": "The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.", "published": "2015-12-06T15:59:02", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3193", "cvelist": ["CVE-2015-3193"], "lastseen": "2017-11-30T11:39:15"}], "f5": [{"id": "F5:K30673534", "type": "f5", "title": "BIND vulnerability CVE-2015-8461", "description": "\nF5 Product Development has assigned ID 561371 (BIG-IP) to this vulnerabilility, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<showcase?case=K167 >)\n", "published": "2015-12-16T21:11:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://support.f5.com/csp/article/K30673534", "cvelist": ["CVE-2015-8461"], "lastseen": "2017-06-08T00:16:30"}, {"id": "SOL30673534", "type": "f5", "title": "SOL30673534 - BIND vulnerability CVE-2015-8461", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-12-16T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/30/sol30673534.html", "cvelist": ["CVE-2015-8461"], "lastseen": "2016-12-01T17:28:15"}, {"id": "F5:K34250741", "type": "f5", "title": "BIND vulnerability CVE-2015-8000", "description": "\nF5 Product Development has assigned ID 560180 (BIG-IP), ID 562693 (BIG-IQ), and ID 562695 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H562598 on the** Diagnostics **>** Identified** > **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP AAM| 12.0.0 \n11.6.0 \n11.4.0 - 11.5.3| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10| High| BIND \nBIG-IP AFM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10| High| BIND \nBIG-IP Analytics| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP APM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP ASM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP DNS| 12.0.0| 12.1.0 \n12.0.0 HF3| High| BIND \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| 11.2.1 HF16| High| BIND \nBIG-IP GTM| 11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP Link Controller| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP PEM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n12.0.0 HF3 \n11.6.1 \n11.5.4 \n11.4.1 HF10| High| BIND \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| 11.4.1 HF10 \n11.2.1 HF16| High| BIND \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| 11.2.1 HF16| High| BIND \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| 11.2.1 HF16| High| BIND \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Low| BIND \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| BIND \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| BIND \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| BIND \nBIG-IQ ADC| 4.5.0| None| Low| BIND \nBIG-IQ Centralized Management| 4.6.0| None| Low| BIND \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Low| BIND \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nIf you are running a version listed in the** Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you must disable the use of recursion in the BIND configuration. You can perform the following procedures to determine if recursion has been manually enabled, and disable it if it has been enabled.\n\nDetermining if recursion has been manually enabled on the system\n\n**Impact of action:** Performing the following procedure should not have a negative impact on your system.\n\n 1. Log in to the BIG-IP command line.\n 2. Type the following command: \n\ngrep recursion /var/named/config/named.conf\n\n 3. If the command returns the following response, recursion has been enabled, and you should perform the following, **Mitigating the vulnerability** procedure. \n\nrecursion yes;\n\nIf the command returns the following response, recursion has not been enabled, and the system is not vulnerable. \n\nrecursion no;\n\nMitigating the vulnerability\n\nTo mitigate this vulnerability, you can turn recursion off in the **named.conf** file. To do so, perform the following procedure:\n\n**Impact of action:** This modification requires a change to your configuration. F5 recommends that you test the modified configuration in an appropriate environment before implementing it.\n\n 1. Log in to the BIG-IP command line.\n 2. Change directories to the **/var/named/config **directory by typing the following command: \n\ncd /var/named/config\n\n 3. Create a backup of the **named.conf** file by typing the following command: \n\ncp named.conf named.conf.SOL34250741\n\n 4. To edit the **named.conf** file, locate the** recursion** option. \nFor example: \n\nrecursion yes;\n\n 5. Change the **recursion** option to** no.** \nFor example: \n\nrecursion no;\n\n 6. Save the changes to the **named.conf** file.\n 7. Restart **named **to allow the changes to reload by typing the following command: \n\nbigstart restart named\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2015-12-16T22:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K34250741", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-06-08T00:16:05"}, {"id": "SOL34250741", "type": "f5", "title": "SOL34250741 - BIND vulnerability CVE-2015-8000", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the** Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you must disable the use of recursion in the BIND configuration. You can perform the following procedures to determine if recursion has been manually enabled, and disable it if it has been enabled.\n\nDetermining if recursion has been manually enabled on the system\n\n**Impact of action:** Performing the following procedure should not have a negative impact on your system.\n\n 1. Log in to the BIG-IP command line.\n 2. Type the following command: \n\ngrep recursion /var/named/config/named.conf\n\n 3. If the command returns the following response, recursion has been enabled, and you should perform the following, **Mitigating the vulnerability** procedure. \n\nrecursion yes;\n\nIf the command returns the following response, recursion has not been enabled, and the system is not vulnerable. \n\nrecursion no;\n\nMitigating the vulnerability\n\nTo mitigate this vulnerability, you can turn recursion off in the **named.conf** file. To do so, perform the following procedure:\n\n**Impact of action:** This modification requires a change to your configuration. F5 recommends that you test the modified configuration in an appropriate environment before implementing it.\n\n 1. Log in to the BIG-IP command line.\n 2. Change directories to the **/var/named/config **directory by typing the following command: \n\ncd /var/named/config\n\n 3. Create a backup of the **named.conf** file by typing the following command: \n\ncp named.conf named.conf.SOL34250741\n\n 4. To edit the **named.conf** file, locate the** recursion** option. \nFor example: \n\nrecursion yes;\n\n 5. Change the **recursion** option to** no.** \nFor example: \n\nrecursion no;\n\n 6. Save the changes to the **named.conf** file.\n 7. Restart **named **to allow the changes to reload by typing the following command: \n\nbigstart restart named\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-12-16T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/34/sol34250741.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-26T17:22:50"}, {"id": "F5:K30714460", "type": "f5", "title": "OpenSSL vulnerability CVE-2015-3193", "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.4.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None \n \nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2015-12-04T21:16:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://support.f5.com/csp/article/K30714460", "cvelist": ["CVE-2015-3193"], "lastseen": "2017-06-08T00:16:39"}, {"id": "SOL30714460", "type": "f5", "title": "SOL30714460 - OpenSSL vulnerability CVE-2015-3193", "description": "Supplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2015-12-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/30/sol30714460.html", "cvelist": ["CVE-2015-3193"], "lastseen": "2016-09-26T17:23:23"}, {"id": "SOL90542710", "type": "f5", "title": "SOL90542710 - OpenSSL vulnerabilities CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, and CVE-2015-1794", "description": "**Note**: This is a temporary index. When an article has been published for all of the CVEs listed in the previous table, this article may no longer be maintained, may be repurposed, or may be archived without advanced notice.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2015-12-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/90/sol90542710.html", "cvelist": ["CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2015-3196", "CVE-2015-3193"], "lastseen": "2016-05-09T01:00:37"}, {"id": "F5:K44512851", "type": "f5", "title": "OpenSSL vulnerability CVE-2017-3732", "description": "\nF5 Product Development has assigned IDs 645101 (BIG-IP) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H44512851 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 \n11.2.1 | Medium | iAppsLX (f5-rest-node) \nBIG-IP AAM | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 | Medium | iAppsLX (f5-rest-node) \nBIG-IP AFM | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 | Medium | iAppsLX (f5-rest-node) \nBIG-IP Analytics | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 | Medium | iAppsLX (f5-rest-node) \nBIG-IP APM | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 | Medium | iAppsLX (f5-rest-node) \nBIG-IP ASM | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 \n11.2.1 | Medium | iAppsLX (f5-rest-node) \nBIG-IP DNS | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 | Medium | iAppsLX (f5-rest-node) \nBIG-IP Edge Gateway | None | 11.2.1 | Not vulnerable | None \nBIG-IP GTM | None | 11.4.0 - 11.6.2 \n11.2.1 | Not vulnerable | None \nBIG-IP Link Controller | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 \n11.2.1 | Medium | iAppsLX (f5-rest-node) \nBIG-IP PEM | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.4.0 - 11.6.2 \n11.2.1 | Medium | iAppsLX (f5-rest-node) \nBIG-IP PSM | None | 11.4.0 - 11.4.1 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 | Not vulnerable | None \nBIG-IP WebSafe | 13.0.0 \n12.1.0 - 12.1.2 | 13.1.0 \n13.0.1 \n12.1.3 \n12.0.0 \n11.6.0 - 11.6.2 | Medium | iAppsLX (f5-rest-node) \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.1.0 \n4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | None | 2.0.0 - 2.0.2 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\n**BIG-IP**\n\nIf you are using the iAppsLX feature, you should note the following:\n\n * You can mitigate this issue by using only Elliptic Curve (EC) ciphers and disabling Diffie-Hellman (DHE) ciphers in your environment.\n * You can partially mitigate this issue by disabling DHE ciphers.\n\n_**Modifying the iAppsLX (f5-rest-node) cipher list to use only EC ciphers**_\n\nTo modify the cipher list to use only EC ciphers, use a text editor such as **vi** to add the following line to the end of the **/service/restnoded/run** file:\n\n**Note**: The following change will persist across reboots, but will not persist across software upgrades.\n\nexec /usr/bin/f5-rest-node /usr/share/rest/node/src/restnode.js --tls-cipher-list=\"ECDHE-RSA-AES128-GCM-SHA256:!RC4\" -p 8105 --logLevel finest -i ${LOG_FILE} -s none > /var/tmp/${service}.out 2>&1\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "published": "2017-02-17T00:02:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://support.f5.com/csp/article/K44512851", "cvelist": ["CVE-2015-3193", "CVE-2017-3732"], "lastseen": "2018-04-19T21:24:15"}, {"id": "F5:K34681653", "type": "f5", "title": "OpenSSL vulnerability CVE-2017-3738", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2018-01-26T19:08:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://support.f5.com/csp/article/K34681653", "cvelist": ["CVE-2016-0701", "CVE-2015-3193", "CVE-2017-3732", "CVE-2017-3738", "CVE-2017-3736"], "lastseen": "2018-01-26T20:54:32"}], "openvas": [{"id": "OPENVAS:1361412562310806998", "type": "openvas", "title": "ISC BIND Denial of Service Vulnerability - 04 - Jan16", "description": "The host is installed with ISC BIND and is\n prone to remote denial of service vulnerability.", "published": "2016-01-27T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806998", "cvelist": ["CVE-2015-8461"], "lastseen": "2017-07-02T21:13:09"}, {"id": "OPENVAS:1361412562310806919", "type": "openvas", "title": "Fedora Update for dnsperf FEDORA-2015-2", "description": "Check the version of dnsperf", "published": "2015-12-23T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806919", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2017-07-25T10:53:52"}, {"id": "OPENVAS:1361412562310806916", "type": "openvas", "title": "Fedora Update for bind-dyndb-ldap FEDORA-2015-2", "description": "Check the version of bind-dyndb-ldap", "published": "2015-12-23T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806916", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2017-07-25T10:52:54"}, {"id": "OPENVAS:1361412562310806918", "type": "openvas", "title": "Fedora Update for bind FEDORA-2015-2", "description": "Check the version of bind", "published": "2015-12-23T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806918", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2017-07-25T10:53:02"}, {"id": "OPENVAS:1361412562310120621", "type": "openvas", "title": "Amazon Linux Local Check: alas-2015-631", "description": "Amazon Linux Local Security Checks", "published": "2015-12-16T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120621", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2017-07-24T12:52:36"}, {"id": "OPENVAS:1361412562310882347", "type": "openvas", "title": "CentOS Update for bind97 CESA-2015:2658 centos5 ", "description": "Check the version of bind97", "published": "2015-12-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882347", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-07-25T10:53:13"}, {"id": "OPENVAS:1361412562310871528", "type": "openvas", "title": "RedHat Update for bind RHSA-2015:2655-01", "description": "Check the version of bind", "published": "2015-12-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871528", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-07-27T10:53:06"}, {"id": "OPENVAS:1361412562310871527", "type": "openvas", "title": "RedHat Update for bind97 RHSA-2015:2658-01", "description": "Check the version of bind97", "published": "2015-12-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871527", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-07-27T10:52:24"}, {"id": "OPENVAS:1361412562310703420", "type": "openvas", "title": "Debian Security Advisory DSA 3420-1 (bind9 - security update)", "description": "It was discovered that the BIND DNS server\ndoes not properly handle the parsing of incoming responses, allowing some records\nwith an incorrect class to be accepted by BIND instead of being rejected as malformed.\nThis can trigger a REQUIRE assertion failure when those records are\nsubsequently cached. A remote attacker can exploit this flaw to cause a\ndenial of service against servers performing recursive queries.", "published": "2015-12-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703420", "cvelist": ["CVE-2015-8000"], "lastseen": "2018-04-06T11:27:45"}, {"id": "OPENVAS:1361412562310842559", "type": "openvas", "title": "Ubuntu Update for bind9 USN-2837-1", "description": "Check the version of bind9", "published": "2015-12-16T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842559", "cvelist": ["CVE-2015-8000"], "lastseen": "2018-04-30T14:03:01"}], "nessus": [{"id": "BIND9_998_P2_2015_8461.NASL", "type": "nessus", "title": "ISC BIND 9.9.8 < 9.9.8-P2 / 9.10.3 < 9.10.3-P2 Socket Error Handling DoS", "description": "According to its self-reported version number, the remote installation of BIND is affected by a denial of service vulnerability due to a race condition that occurs when handling socket errors. An unauthenticated, remote attacker can exploit this to trigger an INSIST failure, resulting in a denial of service condition.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2015-12-18T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87503", "cvelist": ["CVE-2015-8461"], "lastseen": "2017-10-29T13:41:10"}, {"id": "FEDORA_2015-2DF40DE264.NASL", "type": "nessus", "title": "Fedora 22 : bind-9.10.3-7.P2.fc22 / bind-dyndb-ldap-7.0-6.fc22 / dnsperf-2.0.0.0-19.fc22 (2015-2df40de264)", "description": "security update\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-03-04T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=89192", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2017-10-29T13:34:57"}, {"id": "FEDORA_2015-09BF9E06EA.NASL", "type": "nessus", "title": "Fedora 23 : bind-9.10.3-7.P2.fc23 / bind-dyndb-ldap-8.0-4.fc23 / dnsperf-2.0.0.0-19.fc23 (2015-09bf9e06ea)", "description": "security fix\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-03-04T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=89136", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2017-10-29T13:36:33"}, {"id": "SLACKWARE_SSA_2015-349-01.NASL", "type": "nessus", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bind (SSA:2015-349-01)", "description": "New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.", "published": "2015-12-16T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87375", "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "lastseen": "2017-10-29T13:40:00"}, {"id": "OPENSUSE-2015-950.NASL", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-2015-950)", "description": "This update for bind fixes the following security issue :\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (bsc#958861). This update was imported from the SUSE:SLE-12-SP1:Update update project.", "published": "2015-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87625", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-29T13:44:34"}, {"id": "SUSE_SU-2015-2359-1.NASL", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:2359-1)", "description": "This update for bind fixes the following security issue :\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (bsc#958861).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87655", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-29T13:37:48"}, {"id": "AIX_IV80191.NASL", "type": "nessus", "title": "AIX 7.1 TL 4 : bind (IV80191) (deprecated)", "description": "ISC BIND is vulnerable to a denial of service, caused by an error in db.c when parsing incoming responses. A remote attacker could exploit this vulnerability to trigger a REQUIRE assertion failure and cause a denial of service.\n\nThis plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory10.nasl (plugin id 102122).", "published": "2016-02-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=88969", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-29T13:39:35"}, {"id": "AIX_IV80189.NASL", "type": "nessus", "title": "AIX 7.1 TL 3 : bind (IV80189) (deprecated)", "description": "ISC BIND is vulnerable to a denial of service, caused by an error in db.c when parsing incoming responses. A remote attacker could exploit this vulnerability to trigger a REQUIRE assertion failure and cause a denial of service.\n\nThis plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory10.nasl (plugin id 102122).", "published": "2016-02-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=88968", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-29T13:38:32"}, {"id": "SUSE_SU-2015-2340-1.NASL", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:2340-1)", "description": "This update fixes the following security issue :\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (bsc#958861).\n\nIt also fixes a bug :\n\n - Fix a regression in caching entries with a TTL of 0 (bsc#923281).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87652", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-29T13:34:11"}, {"id": "DEBIAN_DLA-370.NASL", "type": "nessus", "title": "Debian DLA-370-1 : bind9 security update", "description": "It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. A remote attacker can exploit this flaw to cause a denial of service against servers performing recursive queries.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-12-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87427", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-29T13:40:42"}], "amazon": [{"id": "ALAS-2015-631", "type": "amazon", "title": "Critical: bind", "description": "**Issue Overview:**\n\nAn error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible and could be used as a denial-of-service vector against servers performing recursive queries. ([CVE-2015-8000 __](<https://access.redhat.com/security/cve/CVE-2015-8000>))\n\n[CVE-2015-8461 __](<https://access.redhat.com/security/cve/CVE-2015-8461>) was also issued today for bind, but the Amazon Linux AMI's version of bind is not impacted by that CVE.\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n bind-utils-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-debuginfo-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-sdb-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-devel-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-libs-9.8.2-0.37.rc1.42.amzn1.i686 \n bind-chroot-9.8.2-0.37.rc1.42.amzn1.i686 \n \n src: \n bind-9.8.2-0.37.rc1.42.amzn1.src \n \n x86_64: \n bind-utils-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-sdb-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-debuginfo-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-libs-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-chroot-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-9.8.2-0.37.rc1.42.amzn1.x86_64 \n bind-devel-9.8.2-0.37.rc1.42.amzn1.x86_64 \n \n \n", "published": "2015-12-15T13:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2015-631.html", "cvelist": ["CVE-2015-8461", "CVE-2015-8000"], "lastseen": "2016-09-28T21:03:56"}], "freebsd": [{"id": "A8EC4DB7-A398-11E5-85E9-14DAE9D210B8", "type": "freebsd", "title": "bind -- multiple vulnerabilities", "description": "\nISC reports:\n\nNamed is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.\nIncorrect reference counting could result in an INSIST\n\t failure if a socket error occurred while performing a lookup. This flaw\n\t is disclosed in CVE-2015-8461. [RT#40945]\nInsufficient testing when parsing a message allowed records\n\t with an incorrect class to be be accepted, triggering a REQUIRE failure\n\t when those records were subsequently cached. This flaw is disclosed in\n\t CVE-2015-8000. [RT #40987]\n\n", "published": "2015-11-24T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/a8ec4db7-a398-11e5-85e9-14dae9d210b8.html", "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "lastseen": "2017-07-04T22:15:44"}, {"id": "4C8D1D72-9B38-11E5-AECE-D050996490D0", "type": "freebsd", "title": "openssl -- multiple vulnerabilities", "description": "\nOpenSSL project reports:\n\n\nBN_mod_exp may produce incorrect results on x86_64\n\t (CVE-2015-3193)\nCertificate verify crash with missing PSS parameter\n\t (CVE-2015-3194)\nX509_ATTRIBUTE memory leak (CVE-2015-3195)\nRace condition handling PSK identify hint\n\t (CVE-2015-3196)\nAnon DH ServerKeyExchange with 0 p parameter\n\t (CVE-2015-1794)\n\n\n", "published": "2015-12-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/4c8d1d72-9b38-11e5-aece-d050996490d0.html", "cvelist": ["CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2015-3196", "CVE-2015-3193"], "lastseen": "2016-09-26T17:24:12"}], "slackware": [{"id": "SSA-2015-349-01", "type": "slackware", "title": "bind", "description": "New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/bind-9.9.8_P2-x86_64-1_slack14.1.txz: Upgraded.\n This update fixes three security issues:\n Update allowed OpenSSL versions as named is potentially vulnerable\n to CVE-2015-3193.\n Insufficient testing when parsing a message allowed records with an\n incorrect class to be be accepted, triggering a REQUIRE failure when\n those records were subsequently cached. (CVE-2015-8000)\n Address fetch context reference count handling error on socket error.\n (CVE-2015-8461)\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.8_P2-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.8_P2-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.8_P2-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.8_P2-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.8_P2-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.8_P2-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.8_P2-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.8_P2-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.8_P2-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.8_P2-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.3_P2-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.3_P2-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\nef466df7b5c30de3b1823ae2ef7c0820 bind-9.9.8_P2-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n4d6fd1a921302be279fb00b8f3c5209f bind-9.9.8_P2-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nde9cea0aaf0123e1b480582a97b5a483 bind-9.9.8_P2-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n3d06836402ee2265194d819bf59ebef5 bind-9.9.8_P2-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n084270843411521f1d5f7dfee0faf05a bind-9.9.8_P2-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n2cb2bfdb94e52725bccecea29e5a5bc1 bind-9.9.8_P2-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\nb653a7dd7b8591ccbd434bb2ec2e395f bind-9.9.8_P2-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nd6db5ba1f2c1ae0c99457b1866d9b752 bind-9.9.8_P2-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nffaf96b22a3148f23d6cb0349c4fa745 bind-9.9.8_P2-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n5382418d8d2044f567934b24f280592b bind-9.9.8_P2-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n8a998dd407304fb10e8df8c92655ff54 n/bind-9.10.3_P2-i586-1.txz\n\nSlackware x86_64 -current package:\n545b71ea3107b6a7796fb21cf1dfd311 n/bind-9.10.3_P2-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.9.8_P2-i486-1_slack14.1.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "published": "2015-12-15T22:24:47", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966", "cvelist": ["CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "lastseen": "2018-02-02T18:11:34"}, {"id": "SSA-2015-349-04", "type": "slackware", "title": "openssl", "description": "New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/openssl-1.0.1q-x86_64-1_slack14.1.txz: Upgraded.\n This update fixes the following security issues:\n BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193).\n Certificate verify crash with missing PSS parameter (CVE-2015-3194).\n X509_ATTRIBUTE memory leak (CVE-2015-3195).\n Race condition handling PSK identify hint (CVE-2015-3196).\n Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794).\n For more information, see:\n https://openssl.org/news/secadv_20151203.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz: Upgraded.\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zh-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zh-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zh-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1q-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1q-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1q-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1q-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2e-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2e-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2e-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2e-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 packages:\n5e45a22283b41aaf4f867918746ebc1d openssl-0.9.8zh-i486-1_slack13.0.txz\n0ad74b36ce143d28e15dfcfcf1fcb483 openssl-solibs-0.9.8zh-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\nc360d323a2bed57c62d6699b2d4be65e openssl-0.9.8zh-x86_64-1_slack13.0.txz\n122240badbfbe51c842a9102d3cfe30f openssl-solibs-0.9.8zh-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n1bf98b27573b20a7de5f6359f3eadbd7 openssl-0.9.8zh-i486-1_slack13.1.txz\n2b732f1f29de1cb6078fd1ddda8eb9ec openssl-solibs-0.9.8zh-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n735c3bbc55902ec57e46370cde32ea4b openssl-0.9.8zh-x86_64-1_slack13.1.txz\n483f506f3b86572e60fe4c46a67c226b openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n9af41ba336c64b92d5bbd86c17a93e94 openssl-0.9.8zh-i486-1_slack13.37.txz\nb83170b9c5ec56b4e2dc882b3c64b306 openssl-solibs-0.9.8zh-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n2220ff161d0bf3635d2dea7caae6e5e7 openssl-0.9.8zh-x86_64-1_slack13.37.txz\n17b3e8884f383e3327d5e4a6080634cb openssl-solibs-0.9.8zh-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nced42bc3799f2b54aeb3b631a2864b90 openssl-1.0.1q-i486-1_slack14.0.txz\n52965f98ee30e8f3d22bde6b0fe7f53b openssl-solibs-1.0.1q-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\ncbf49f09bdcebc61cf7fcb2857dc3a71 openssl-1.0.1q-x86_64-1_slack14.0.txz\n156911f58b71ee6369467d8fec34a59f openssl-solibs-1.0.1q-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n36d5f60b634788d4315ffb46ef6d4d88 openssl-1.0.1q-i486-1_slack14.1.txz\nfc18f566a9a2f5c6adb15d288245403a openssl-solibs-1.0.1q-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n03f1832417a79f73b35180a39ae4fb16 openssl-1.0.1q-x86_64-1_slack14.1.txz\nbf447792f23deb14e1fe3f008a6b78a7 openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n27b2974199a970392ed2192bf4a207a9 a/openssl-solibs-1.0.2e-i586-1.txz\n940a7653a6cadb44ce143d3b0e0eaa16 n/openssl-1.0.2e-i586-1.txz\n\nSlackware x86_64 -current packages:\n8636a45f49d186d505b356b9be66309b a/openssl-solibs-1.0.2e-x86_64-1.txz\n87c33a76a94993864a52bfe4e5d5b2f0 n/openssl-1.0.2e-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-1.0.1q-i486-1_slack14.1.txz openssl-solibs-1.0.1q-i486-1_slack14.1.txz", "published": "2015-12-15T22:25:41", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583", "cvelist": ["CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2015-3196", "CVE-2015-3193"], "lastseen": "2018-02-02T18:11:32"}], "openwrt": [{"id": "OPENWRT-SA-000001", "type": "openwrt", "title": "bind: Security update (4 CVEs)", "description": "The bind package has been rebuilt and was uploaded to the Chaos Calmer\n15.05 repository due to multiple security issues.\n\n\nVERSION\n\n9.9.7-P3-1 => 9.9.8-P3-1\n\n\nCHANGELOG\n\n[Sun, 24 Jan 2016 12:43:29 +0100 41dcf83]\n\nFixes:\n * CVE-2015-8704\n * CVE-2015-3193\n * CVE-2015-8000\n * CVE-2015-8461\n\n\nCHANGES\n\n net/bind/Makefile | 4 ++--\n 1 file changed, 2 insertions(+), 2 deletions(-)", "published": "2016-01-24T13:33:41", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://lists.openwrt.org/pipermail/openwrt-security-announce/2016-January/000001.html", "cvelist": ["CVE-2015-8704", "CVE-2015-8461", "CVE-2015-8000", "CVE-2015-3193"], "lastseen": "2016-09-26T15:45:23"}], "suse": [{"id": "SUSE-SU-2015:2341-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861).\n\n", "published": "2015-12-22T16:29:01", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00028.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T11:27:15"}, {"id": "OPENSUSE-SU-2015:2364-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (boo#958861).\n\n", "published": "2015-12-25T19:10:25", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T11:57:23"}, {"id": "SUSE-SU-2015:2359-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861).\n\n", "published": "2015-12-25T03:10:39", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T11:50:20"}, {"id": "OPENSUSE-SU-2015:2391-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (boo#958861).\n\n", "published": "2015-12-29T17:11:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T12:19:41"}, {"id": "OPENSUSE-SU-2015:2365-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update for bind fixes the following security issue:\n\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861). This update was imported from the\n SUSE:SLE-12-SP1:Update update project.\n\n", "published": "2015-12-25T19:10:40", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T12:19:18"}, {"id": "SUSE-SU-2015:2340-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update fixes the following security issue:\n - CVE-2015-8000: Fix remote denial of service by misparsing incoming\n responses (bsc#958861).\n\n It also fixes a bug:\n - Fix a regression in caching entries with a TTL of 0 (bsc#923281).\n\n", "published": "2015-12-22T16:28:13", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00027.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T12:46:49"}, {"id": "SUSE-SU-2016:0227-1", "type": "suse", "title": "Security update for bind (important)", "description": "This update for bind fixes the following issues:\n\n * CVE-2015-8000: Remote denial of service by mis-parsing incoming\n responses. (bsc#958861)\n * CVE-2015-5722: DoS against servers performing validation on\n DNSSEC-signed records. (bsc#944066)\n * CVE-2015-5477: DoS against authoritative and recursive servers.\n * CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189)\n\n Security Issues:\n\n * CVE-2015-8000\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000</a>>\n * CVE-2015-5722\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722</a>>\n * CVE-2015-5477\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477</a>>\n * CVE-2015-8704\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704</a>>\n\n\n", "published": "2016-01-25T15:11:48", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html", "cvelist": ["CVE-2015-8704", "CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722"], "lastseen": "2016-09-04T12:08:02"}, {"id": "SUSE-SU-2017:3343-1", "type": "suse", "title": "Security update for openssl (important)", "description": "This update for openssl fixes the following issues:\n\n - OpenSSL Security Advisory [07 Dec 2017]\n * CVE-2017-3737: OpenSSL 1.0.2 (starting from version 1.0.2b) introduced\n an \\"error state\\" mechanism. The intent was that if a fatal error\n occurred during a handshake then OpenSSL would move into the error\n state and would immediately fail if you attempted to continue the\n handshake. This works as designed for the explicit handshake functions\n (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a\n bug it does not work correctly if SSL_read() or SSL_write() is called\n directly. In that scenario, if the handshake fails then a fatal error\n will be returned in the initial function call. If\n SSL_read()/SSL_write() is subsequently called by the application for\n the same SSL object then it will succeed and the data is passed\n without being decrypted/encrypted directly from the SSL/TLS record\n layer. In order to exploit this issue an application bug would have to\n be present that resulted in a call to SSL_read()/SSL_write() being\n issued after having already received a fatal error. OpenSSL version\n 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is\n not affected. (bsc#1071905)\n * CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery\n multiplication procedure used in exponentiation with 1024-bit moduli.\n No EC algorithms are affected. Analysis suggests that attacks against\n RSA and DSA as a result of this defect would be very difficult to\n perform and are not believed likely. Attacks against DH1024 are\n considered just feasible, because most of the work necessary to deduce\n information about a private key may be performed offline. The amount\n of resources required for such an attack would be significant.\n However, for an attack on TLS to be meaningful, the server would have\n to share the DH1024 private key among multiple clients, which is no\n longer an option since CVE-2016-0701. This only affects processors\n that support the AVX2 but not ADX extensions like Intel Haswell (4th\n generation). Note: The impact from this issue is similar to\n CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. (bsc#1071906)\n\n", "published": "2017-12-16T06:08:45", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00074.html", "cvelist": ["CVE-2016-0701", "CVE-2017-3737", "CVE-2015-3193", "CVE-2017-3732", "CVE-2017-3738", "CVE-2017-3736"], "lastseen": "2017-12-16T09:45:39"}, {"id": "OPENSUSE-SU-2017:3345-1", "type": "suse", "title": "Security update for openssl (important)", "description": "This update for openssl fixes the following issues:\n\n - OpenSSL Security Advisory [07 Dec 2017]\n * CVE-2017-3737: OpenSSL 1.0.2 (starting from version 1.0.2b) introduced\n an \\"error state\\" mechanism. The intent was that if a fatal error\n occurred during a handshake then OpenSSL would move into the error\n state and would immediately fail if you attempted to continue the\n handshake. This works as designed for the explicit handshake functions\n (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a\n bug it does not work correctly if SSL_read() or SSL_write() is called\n directly. In that scenario, if the handshake fails then a fatal error\n will be returned in the initial function call. If\n SSL_read()/SSL_write() is subsequently called by the application for\n the same SSL object then it will succeed and the data is passed\n without being decrypted/encrypted directly from the SSL/TLS record\n layer. In order to exploit this issue an application bug would have to\n be present that resulted in a call to SSL_read()/SSL_write() being\n issued after having already received a fatal error. OpenSSL version\n 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is\n not affected. (bsc#1071905)\n * CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery\n multiplication procedure used in exponentiation with 1024-bit moduli.\n No EC algorithms are affected. Analysis suggests that attacks against\n RSA and DSA as a result of this defect would be very difficult to\n perform and are not believed likely. Attacks against DH1024 are\n considered just feasible, because most of the work necessary to deduce\n information about a private key may be performed offline. The amount\n of resources required for such an attack would be significant.\n However, for an attack on TLS to be meaningful, the server would have\n to share the DH1024 private key among multiple clients, which is no\n longer an option since CVE-2016-0701. This only affects processors\n that support the AVX2 but not ADX extensions like Intel Haswell (4th\n generation). Note: The impact from this issue is similar to\n CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. (bsc#1071906)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "published": "2017-12-16T15:07:17", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00076.html", "cvelist": ["CVE-2016-0701", "CVE-2017-3737", "CVE-2015-3193", "CVE-2017-3732", "CVE-2017-3738", "CVE-2017-3736"], "lastseen": "2017-12-16T18:04:55"}], "debian": [{"id": "DSA-3420", "type": "debian", "title": "bind9 -- security update", "description": "It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. A remote attacker can exploit this flaw to cause a denial of service against servers performing recursive queries.\n\nFor the oldstable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u8.\n\nFor the stable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u4.\n\nWe recommend that you upgrade your bind9 packages.", "published": "2015-12-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3420", "cvelist": ["CVE-2015-8000"], "lastseen": "2018-01-17T16:56:24"}, {"id": "DLA-370", "type": "debian", "title": "bind9 -- LTS security update", "description": "It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. A remote attacker can exploit this flaw to cause a denial of service against servers performing recursive queries.", "published": "2015-12-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/2015/dla-370", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-02T12:56:48"}], "redhat": [{"id": "RHSA-2015:2656", "type": "redhat", "title": "(RHSA-2015:2656) Important: bind security update", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "published": "2015-12-16T05:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2656", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-09-09T07:19:39"}, {"id": "RHSA-2015:2658", "type": "redhat", "title": "(RHSA-2015:2658) Important: bind97 security update", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "published": "2015-12-16T05:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2658", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-09-09T07:20:17"}, {"id": "RHSA-2015:2655", "type": "redhat", "title": "(RHSA-2015:2655) Important: bind security update", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "published": "2015-12-16T05:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2655", "cvelist": ["CVE-2015-8000"], "lastseen": "2018-06-12T21:10:42"}, {"id": "RHSA-2016:0079", "type": "redhat", "title": "(RHSA-2016:0079) Important: bind security update", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled requests for TKEY DNS resource\nrecords. A remote attacker could use this flaw to make named (functioning\nas an authoritative DNS server or a DNS resolver) exit unexpectedly with an\nassertion failure via a specially crafted DNS request packet.\n(CVE-2015-5477)\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting the CVE-2015-5477,\nCVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan\nFoote as the original reporter of CVE-2015-5477, and Hanno B\u00f6ck as the\noriginal reporter of CVE-2015-5722.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "published": "2016-01-28T05:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0079", "cvelist": ["CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722"], "lastseen": "2017-05-17T09:23:45"}, {"id": "RHSA-2016:0078", "type": "redhat", "title": "(RHSA-2016:0078) Important: bind security update", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND followed DNS\ndelegations. A remote attacker could use a specially crafted zone\ncontaining a large number of referrals which, when looked up and processed,\nwould cause named to use excessive amounts of memory or crash.\n(CVE-2014-8500)\n\nA flaw was found in the way BIND handled requests for TKEY DNS resource\nrecords. A remote attacker could use this flaw to make named (functioning\nas an authoritative DNS server or a DNS resolver) exit unexpectedly with an\nassertion failure via a specially crafted DNS request packet.\n(CVE-2015-5477)\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting the CVE-2015-5477,\nCVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan\nFoote as the original reporter of CVE-2015-5477, and Hanno B\u00f6ck as the\noriginal reporter of CVE-2015-5722.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "published": "2016-01-28T05:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0078", "cvelist": ["CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722", "CVE-2014-8500"], "lastseen": "2017-05-17T09:23:43"}], "centos": [{"id": "CESA-2015:2655", "type": "centos", "title": "bind security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:2655\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/021546.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/021549.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-libs-lite\nbind-license\nbind-lite-devel\nbind-pkcs11\nbind-pkcs11-devel\nbind-pkcs11-libs\nbind-pkcs11-utils\nbind-sdb\nbind-sdb-chroot\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2655.html", "published": "2015-12-16T20:01:41", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2015-December/021546.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-03T18:26:21"}, {"id": "CESA-2015:2658", "type": "centos", "title": "bind97 security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:2658\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/021550.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2658.html", "published": "2015-12-16T20:24:27", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2015-December/021550.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-03T18:26:06"}, {"id": "CESA-2015:2656", "type": "centos", "title": "bind, caching security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:2656\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting this issue.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-December/021551.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2656.html", "published": "2015-12-16T20:26:24", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2015-December/021551.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-10-03T18:26:33"}], "ubuntu": [{"id": "USN-2837-1", "type": "ubuntu", "title": "Bind vulnerability", "description": "It was discovered that Bind incorrectly handled responses with malformed class attributes. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service.", "published": "2015-12-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2837-1/", "cvelist": ["CVE-2015-8000"], "lastseen": "2018-03-29T18:19:34"}, {"id": "USN-2830-1", "type": "ubuntu", "title": "OpenSSL vulnerabilities", "description": "Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10. (CVE-2015-1794)\n\nHanno B\u00f6ck discovered that the OpenSSL Montgomery squaring procedure algorithm may produce incorrect results when being used on x86_64. A remote attacker could possibly use this issue to break encryption. This issue only applied to Ubuntu 15.10. (CVE-2015-3193)\n\nLo\u00efc Jonas Etienne discovered that OpenSSL incorrectly handled ASN.1 signatures with a missing PSS parameter. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-3194)\n\nAdam Langley discovered that OpenSSL incorrectly handled malformed X509_ATTRIBUTE structures. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2015-3195)\n\nIt was discovered that OpenSSL incorrectly handled PSK identity hints. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3196)", "published": "2015-12-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2830-1/", "cvelist": ["CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2015-3196", "CVE-2015-3193"], "lastseen": "2018-03-29T18:18:13"}], "oraclelinux": [{"id": "ELSA-2015-2655", "type": "oraclelinux", "title": "bind security update", "description": "[32:9.8.2-0.44.rc1.5]\n- Fix CVE-2015-8000", "published": "2015-12-16T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-2655.html", "cvelist": ["CVE-2015-8000"], "lastseen": "2016-09-04T11:16:32"}, {"id": "ELSA-2015-2656", "type": "oraclelinux", "title": "bind security update", "description": "[30:9.3.6-25.P1.5]\n- Fix CVE-2015-8000\n[30:9.3.6-25.P1.4]\n- Fix CVE-2015-5722\n[30:9.3.6-25.P1.3]\n- Fix CVE-2015-5477\n[30:9.3.6-25.P1.2]\n- Remove files backup after patching (Related: #1171971)\n[30:9.3.6-25.P1.1]\n- Fix CVE-2014-8500 (#1171971)", "published": "2015-12-16T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-2656.html", "cvelist": ["CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722", "CVE-2014-8500"], "lastseen": "2016-09-04T11:16:59"}, {"id": "ELSA-2015-2658", "type": "oraclelinux", "title": "bind97 security update", "description": "[32:9.7.0-21.P2.4]\n- Fix CVE-2015-8000\n[32:9.7.0-21.P2.3]\n- Fix CVE-2015-5722\n[32:9.7.0-21.P2.2]\n- Fix CVE-2015-5477\n[32:9.7.0-21.P2.1]\n- Fix CVE-2014-8500 (#1171972)", "published": "2015-12-16T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-2658.html", "cvelist": ["CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722", "CVE-2014-8500"], "lastseen": "2016-09-04T11:16:22"}, {"id": "ELSA-2016-2615", "type": "oraclelinux", "title": "bind security update", "description": "[32:9.9.4-38]\n- Fix CVE-2016-8864\n[32:9.9.4-37]\n- Fix CVE-2016-2776\n[32:9.9.4-36]\n- Added automatic interface scan functionality (#1294506)\n- Removed NetworkManager dispatcher script since it is not needed any more (#1294506)\n[32:9.9.4-35]\n- Added GeoIP support (#1220594)\n[32:9.9.4-34]\n- Added support for CAA records (#1306610)\n- Use HTTPS URL instead of FTP for upstream sources (#1319280)\n[32:9.9.4-33]\n- Fix excessive queries caused by DS chasing with stub zones when DNSSEC is not used (#1291185)\n- Fix error in internal test suite (#1259514)\n- Fix named-checkconf call in *-chroot.service files (#1278082)\n- Fix incorrect path in BIND sample configuration and added comment to default configuration (#1247502)\n[32:9.9.4-32]\n- Fix CVE-2016-1285 and CVE-2016-1286\n[32:9.9.4-31]\n- Fix CVE-2015-8704\n[32:9.9.4-30]\n- Fix CVE-2015-8000", "published": "2016-11-09T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-2615.html", "cvelist": ["CVE-2015-8704", "CVE-2016-1286", "CVE-2015-8000", "CVE-2016-8864", "CVE-2016-1285", "CVE-2016-2776"], "lastseen": "2016-11-09T21:24:05"}, {"id": "ELSA-2016-2093", "type": "oraclelinux", "title": "bind security update", "description": "[30:9.3.6-25.P1.10]\n- Fix CVE-2016-2848\n[30:9.3.6-25.P1.9]\n- Fix CVE-2016-2776\n[30:9.3.6-25.P1.8]\n- Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite\n[30:9.3.6-25.P1.7]\n- Fix CVE-2016-1285 and CVE-2016-1286\n[30:9.3.6-25.P1.6]\n- Fix CVE-2015-8704\n[30:9.3.6-25.P1.5]\n- Fix CVE-2015-8000\n[30:9.3.6-25.P1.4]\n- Fix CVE-2015-5722\n[30:9.3.6-25.P1.3]\n- Fix CVE-2015-5477\n[30:9.3.6-25.P1.2]\n- Remove files backup after patching (Related: #1171971)\n[30:9.3.6-25.P1.1]\n- Fix CVE-2014-8500 (#1171971)", "published": "2016-10-20T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-2093.html", "cvelist": ["CVE-2015-8704", "CVE-2016-1286", "CVE-2015-5477", "CVE-2015-8000", "CVE-2016-2848", "CVE-2015-5722", "CVE-2016-1285", "CVE-2016-2776", "CVE-2014-8500"], "lastseen": "2016-11-25T17:23:49"}, {"id": "ELSA-2016-1945", "type": "oraclelinux", "title": "bind97 security update", "description": "[32:9.7.0-21.P2.7]\n- Fix CVE-2016-2776\n[32:9.7.0-21.P2.6]\n- Fix CVE-2016-1285 and CVE-2016-1286\n[32:9.7.0-21.P2.5]\n- Fix CVE-2015-8704\n[32:9.7.0-21.P2.4]\n- Fix CVE-2015-8000\n[32:9.7.0-21.P2.3]\n- Fix CVE-2015-5722\n[32:9.7.0-21.P2.2]\n- Fix CVE-2015-5477\n[32:9.7.0-21.P2.1]\n- Fix CVE-2014-8500 (#1171972)", "published": "2016-09-28T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-1945.html", "cvelist": ["CVE-2015-8704", "CVE-2016-1286", "CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722", "CVE-2016-1285", "CVE-2016-2776", "CVE-2014-8500"], "lastseen": "2016-09-28T21:23:34"}, {"id": "ELSA-2016-2094", "type": "oraclelinux", "title": "bind97 security update", "description": "[32:9.7.0-21.P2.8]\n- Fix CVE-2016-2848\n[32:9.7.0-21.P2.7]\n- Fix CVE-2016-2776\n[32:9.7.0-21.P2.6]\n- Fix CVE-2016-1285 and CVE-2016-1286\n[32:9.7.0-21.P2.5]\n- Fix CVE-2015-8704\n[32:9.7.0-21.P2.4]\n- Fix CVE-2015-8000\n[32:9.7.0-21.P2.3]\n- Fix CVE-2015-5722\n[32:9.7.0-21.P2.2]\n- Fix CVE-2015-5477\n[32:9.7.0-21.P2.1]\n- Fix CVE-2014-8500 (#1171972)", "published": "2016-10-20T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-2094.html", "cvelist": ["CVE-2015-8704", "CVE-2016-1286", "CVE-2015-5477", "CVE-2015-8000", "CVE-2016-2848", "CVE-2015-5722", "CVE-2016-1285", "CVE-2016-2776", "CVE-2014-8500"], "lastseen": "2016-10-21T01:23:50"}, {"id": "ELSA-2016-1944", "type": "oraclelinux", "title": "bind security update", "description": "[30:9.3.6-25.P1.9]\n- Fix CVE-2016-2776\n[30:9.3.6-25.P1.8]\n- Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite\n[30:9.3.6-25.P1.7]\n- Fix CVE-2016-1285 and CVE-2016-1286\n[30:9.3.6-25.P1.6]\n- Fix CVE-2015-8704\n[30:9.3.6-25.P1.5]\n- Fix CVE-2015-8000\n[30:9.3.6-25.P1.4]\n- Fix CVE-2015-5722\n[30:9.3.6-25.P1.3]\n- Fix CVE-2015-5477\n[30:9.3.6-25.P1.2]\n- Remove files backup after patching (Related: #1171971)\n[30:9.3.6-25.P1.1]\n- Fix CVE-2014-8500 (#1171971)", "published": "2016-09-28T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-1944.html", "cvelist": ["CVE-2015-8704", "CVE-2016-1286", "CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722", "CVE-2016-1285", "CVE-2016-2776", "CVE-2014-8500"], "lastseen": "2016-11-25T17:24:04"}], "aix": [{"id": "BIND_ADVISORY10.ASC", "type": "aix", "title": "Vulnerability in BIND affects AIX", "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Thu Feb 25 09:58:38 CST 2016 \n|Updated: Wed Dec 6 10:17:27 CST 2017 \n|Update: Changed the impacted fileset for AIX 7.2 from bos.net.tcp.client\n| to bos.net.tcp.bind_utils.\n\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc\nhttps://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc\nftp://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc\n\n\nSecurity Bulletin: Vulnerability in BIND affects AIX (CVE-2015-8000)\n\n\n===============================================================================\n\nSUMMARY:\n\n There is a vulnerability in BIND that impacts AIX.\n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2015-8000\n DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an \n error in db.c when parsing incoming responses. A remote attacker could \n exploit this vulnerability to trigger a REQUIRE assertion failure and \n cause a denial of service.\n CVSS Base Score: 7.5\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/108948 for more\n information.\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n \n\n AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 5.3, 6.1, 7.1, 7.2\n VIOS 2.2.x\n\n The following fileset levels are vulnerable:\n \n key_fileset = aix\n\n Fileset Lower Level Upper Level KEY \n ---------------------------------------------------------\n bos.net.tcp.client 5.3.12.0 5.3.12.10 key_w_fs\n bos.net.tcp.server 5.3.12.0 5.3.12.6 key_w_fs\n bos.net.tcp.client 6.1.9.0 6.1.9.101 key_w_fs\n bos.net.tcp.client 7.1.3.0 7.1.3.46 key_w_fs\n bos.net.tcp.client 7.1.4.0 7.1.4.0 key_w_fs\n| bos.net.tcp.bind_utils 7.2.0.0 7.2.0.0 key_w_fs\n \n Note: to find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client\n\n REMEDIATION:\n\n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR Availability SP KEY\n ------------------------------------------------\n 5.3.12 IV80187 N/A key_w_apar\n 6.1.9 IV80188 5/20/16 SP7 key_w_apar\n 7.1.3 IV80189 8/24/16 SP7 key_w_apar\n 7.1.4 IV80191 5/20/16 SP2 key_w_apar\n 7.2.0 IV80192 5/20/16 SP2 key_w_apar\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV80188\n http://www.ibm.com/support/docview.wss?uid=isg1IV80189\n http://www.ibm.com/support/docview.wss?uid=isg1IV80191\n http://www.ibm.com/support/docview.wss?uid=isg1IV80192\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available.\n\n The fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/bind_fix10.tar\n http://aix.software.ibm.com/aix/efixes/security/bind_fix10.tar\n https://aix.software.ibm.com/aix/efixes/security/bind_fix10.tar \n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n \n \n AIX Level Interim Fix (*.Z) KEY\n ----------------------------------------------\n 5.3.12.9 IV80187m9a.160203.epkg.Z key_w_fix\n 6.1.9.6 IV80188s6a.160204.epkg.Z key_w_fix\n 7.1.3.5 IV80189m5a.160204.epkg.Z key_w_fix\n 7.1.4.1 IV80191s1a.160203.epkg.Z key_w_fix\n 7.2.0.1 IV80192s1a.160203.epkg.Z key_w_fix\n \n VIOS Level Interim Fix (*.Z) KEY\n -----------------------------------------------\n 2.2.4.0 IV80188s6a.160204.epkg.Z key_w_fix \n \n\n To extract the fixes from the tar file:\n\n tar xvf bind_fix10.tar\n cd bind_fix10\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command as the followng:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n d4a20706824a25e28f82d93bc7560d68d41f82109ee313b65694827b9bc143ba IV80187m9a.160203.epkg.Z key_w_csum\n c406a9e8c38ae6bcc7d9be89b6608cc408dfea923db7d11c482c2c3d7c11beea IV80188s6a.160204.epkg.Z key_w_csum\n fe01e0b9d4564d29ac26bbfa0da3d1c0e51f848b6b94ea0d58e767cead9c792f IV80189m5a.160204.epkg.Z key_w_csum\n 4b085c6cbdc5bf716cf5202a2b0d6c3b9e918095991f9beafc611b8c22c61ee1 IV80191s1a.160203.epkg.Z key_w_csum\n 19e153bc0d753f3c6f521bf87929eeef59d55e7e01e53977d37ff4d5a1bdedff IV80192s1a.160203.epkg.Z key_w_csum\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n openssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n Note: Keywords labeled as KEY in this document are used for parsing\n purposes.\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\nhttp://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS v3 Guide: http://www.first.org/cvss/user-guide\n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0\n\n\nACKNOWLEDGEMENTS:\n\n None \n\n\nCHANGE HISTORY:\n\n First Issued: Thu Feb 25 09:58:38 CST 2016 \n Updated: Tue Mar 1 09:10:59 CST 2016\n Update: Modified the impacted upper level filesets for 7.1.3\n| Updated: Wed Dec 6 10:17:27 CST 2017\n| Update: Changed the impacted fileset for AIX 7.2 from bos.net.tcp.client\n| to bos.net.tcp.bind_utils.\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n", "published": "2016-02-25T09:58:38", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://aix.software.ibm.com/aix/efixes/security/bind_advisory10.asc", "cvelist": ["CVE-2015-8000"], "lastseen": "2017-12-06T21:02:01"}], "archlinux": [{"id": "ASA-201512-10", "type": "archlinux", "title": "bind: denial of service", "description": "An error in the parsing of incoming responses allows some records with\nan incorrect class to be accepted by BIND instead of being rejected as\nmalformed. This can trigger a REQUIRE assertion failure when those\nrecords are subsequently cached. Intentional exploitation of this\ncondition is possible and could be used as a denial-of-service vector\nagainst servers performing recursive queries.\n\nAn attacker who can cause a server to request a record with a malformed\nclass attribute can use this bug to trigger a REQUIRE assertion in db.c,\ncausing named to exit and denying service to clients. The risk to\nrecursive servers is high. Authoritative servers are at limited risk if\nthey perform authentication when making recursive queries to resolve\naddresses for servers listed in NS RRSETs.", "published": "2015-12-16T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html", "cvelist": ["CVE-2015-8000", "CVE-2015-8370"], "lastseen": "2016-09-02T18:44:42"}, {"id": "ASA-201512-2", "type": "archlinux", "title": "openssl lib32-openssl: multiple issues", "description": "- CVE-2015-3193 (insecure private key in connection with DHE)\n\nThere is a carry propagating bug in the x86_64 Montgomery squaring\nprocedure. No EC algorithms are affected. Analysis suggests that attacks against RSA\nand DSA as a result of this defect would be very difficult to perform and are\nnot believed likely. Attacks against DH are considered just feasible\n(although very difficult) because most of the work necessary to deduce information\nabout a private key may be performed offline. The amount of resources\nrequired for such an attack would be very significant and likely only\naccessible to a limited number of attackers. An attacker would\nadditionally need online access to an unpatched system using the target\nprivate key in a scenario with persistent DH parameters and a private\nkey that is shared between multiple clients. For example this can occur\nby default in OpenSSL DHE based SSL/TLS ciphersuites.[1]\n\n- CVE-2015-3194 (denial of service)\n\nThe signature verification routines will crash with a NULL pointer\ndereference if presented with an ASN.1 signature using the RSA PSS algorithm and\nabsent mask generation function parameter. Since these routines are used to\nverify certificate signature algorithms this can be used to crash any\ncertificate verification operation and exploited in a DoS attack. Any application\nwhich performs certificate verification is vulnerable including OpenSSL\nclients and servers which enable client authentication.[2]\n\n- CVE-2015-3195 (memory leaks)\n\nWhen presented with a malformed X509_ATTRIBUTE structure OpenSSL will\nleak memory. This structure is used by the PKCS#7 and CMS routines so any\napplication which reads PKCS#7 or CMS data from untrusted sources is\naffected. SSL/TLS is not affected.[3]\n\n- CVE-2015-3196 (double free)\n\nIf PSK identity hints are received by a multi-threaded client then\nthe values are wrongly updated in the parent SSL_CTX structure. This can\nresult in a race condition potentially leading to a double free of the\nidentify hint data.[4]\n\n- CVE-2015-1794 (denial of service)\n\nIf a client receives a ServerKeyExchange for an anonymous DH ciphersuite\nwith the value of p set to 0 then a seg fault can occur leading to a possible\ndenial of service attack.[5]", "published": "2015-12-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html", "cvelist": ["CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2015-3196", "CVE-2015-3193"], "lastseen": "2016-09-02T18:44:46"}], "openssl": [{"id": "OPENSSL:CVE-2015-3193", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2015-3193)", "description": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Reported by Hanno B\u00f6ck on 13th August 2015.", "published": "2015-12-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.openssl.org/news/vulnerabilities.html", "cvelist": ["CVE-2015-3193"], "lastseen": "2016-10-10T13:22:35"}, {"id": "OPENSSL:CVE-2015-3193,CVE-2017-3732", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2015-3193, CVE-2017-3732)", "description": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem. Reported by OSS-Fuzz project.", "published": "2017-01-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.openssl.org/news/vulnerabilities.html", "cvelist": ["CVE-2015-3193", "CVE-2017-3732"], "lastseen": "2017-01-26T14:59:32"}, {"id": "OPENSSL:CVE-2016-0701,CVE-2015-3193,CVE-2017-3732,CVE-2017-3738,CVE-2017-3736", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2016-0701, CVE-2015-3193, CVE-2017-3732, CVE-2017-3738, CVE-2017-3736)", "description": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. Reported by David Benjamin (Google)/Google OSS-Fuzz.", "published": "2017-12-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.openssl.org/news/vulnerabilities.html", "cvelist": ["CVE-2016-0701", "CVE-2015-3193", "CVE-2017-3732", "CVE-2017-3738", "CVE-2017-3736"], "lastseen": "2017-12-07T17:11:13"}], "hackerone": [{"id": "H1:128169", "type": "hackerone", "title": "OpenSSL (IBB): BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)", "description": "For certain inputs OpenSSL's BN_mod_exp function (which is used for RSA and Diffie Hellman) can produce wrong results.\nThe issue has been fixed by OpenSSL and rated moderate severity:\nhttps://openssl.org/news/secadv/20151203.txt\n\nA code example is here:\nhttps://github.com/hannob/bignum-fuzz/blob/master/CVE-2015-3193-openssl-vs-gcrypt-modexp.c\n\nSome more info:\nhttps://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html", "published": "2016-04-04T11:54:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/128169", "cvelist": ["CVE-2015-3193"], "lastseen": "2018-04-19T17:34:12"}], "cisco": [{"id": "CISCO-SA-20151204-OPENSSL", "type": "cisco", "title": "Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products", "description": "A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to cause a DoS condition.\n\nThe vulnerability is due to improper handling of certificate signatures. An unauthenticated, remote attacker could exploit the vulnerability by using a malicious certificate during the connection to an application using OpenSSL. Successful exploitation could allow the attacker to cause the targeted application to terminate.\n\nA vulnerability in OpenSSL could allow an unauthenticated, remote attacker to cause a DoS condition.\n\nThe vulnerability is due to improper memory handling. An unauthenticated, remote attacker could exploit the vulnerability by sending malicious requests to an application that uses the OpenSSL library. Successful exploitation could allow the attacker to cause the application to consume available memory resources, resulting in a DoS condition.\n\nA vulnerability in OpenSSL could allow an unauthenticated, remote attacker to cause a DoS condition.\n\nThe vulnerability is due to improper memory operations performed when processing preshared keys. An unauthenticated, remote attacker could exploit the vulnerability by sending malicious requests to an application that uses OpenSSL. Successful exploitation could allow the attacker to cause the application to terminate, resulting in a DoS condition.\n\nA vulnerability in the Montgomery multiplication module of OpenSSL could allow an unauthenticated, remote attacker to cause the library to produce unexpected and possibly weak cryptographic output.\n\nThe vulnerability is due to an implementation error in the BN_mod_exp function. An unauthenticated, remote attacker could exploit the vulnerability by sending malicious requests to a targeted application that relies on OpenSSL. A successful exploit could allow the attacker to cause OpenSSL to produce weaker cryptographic protections than expected, possibly allowing the attacker to defeat security protections provided by OpenSSL more easily.\n\nA vulnerability in the anonymous Diffie-Hellman cipher suite in OpenSSL could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\n\nThe vulnerability is due to improper handling of input by the OpenSSL library. An unauthenticated, remote attacker could exploit the vulnerability by returning malicious values to a client application using OpenSSL. A successful exploit could allow the attacker to cause the application to terminate, resulting in a DoS condition.\n\nOn December 3, 2015, the OpenSSL Project released a security advisory detailing five vulnerabilities.\n\nMultiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. \n\nThis advisory will be updated as additional information becomes available.\n\nCisco will release software updates that address these vulnerabilities.\n\nWorkarounds that mitigate these vulnerabilities are not available.\n\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl\"]", "published": "2015-12-04T17:38:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl", "cvelist": ["CVE-2015-1794", "CVE-2015-3193", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196"], "lastseen": "2018-04-07T14:09:31"}], "gentoo": [{"id": "GLSA-201601-05", "type": "gentoo", "title": "OpenSSL: Multiple vulnerabilities", "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details. Note that the list includes CVE identifiers for an older OpenSSL Security Advisory (3 Dec 2015) for which we have not issued a GLSA before. \n\n### Impact\n\nA remote attacker could disclose a server\u2019s private DH exponent, or complete SSLv2 handshakes using ciphers that have been disabled on the server. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.0.2f\"", "published": "2016-01-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201601-05", "cvelist": ["CVE-2015-3197", "CVE-2015-1794", "CVE-2015-3195", "CVE-2015-3194", "CVE-2016-0701", "CVE-2015-3196", "CVE-2015-3193"], "lastseen": "2016-09-06T19:46:44"}], "packetstorm": [{"id": "PACKETSTORM:143369", "type": "packetstorm", "title": "Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle", "description": "", "published": "2017-07-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://packetstormsecurity.com/files/143369/Orion-Elite-Hidden-IP-Browser-Pro-7.9-OpenSSL-Tor-Man-In-The-Middle.html", "cvelist": ["CVE-2015-1793", "CVE-2015-3197", "CVE-2016-6306", "CVE-2016-0705", "CVE-2016-2183", "CVE-2016-2178", "CVE-2015-3195", "CVE-2016-0798", "CVE-2016-0799", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2105", "CVE-2015-3194", "CVE-2016-2107", "CVE-2016-7055", "CVE-2017-3731", "CVE-2016-0701", "CVE-2017-0375", "CVE-2016-2180", "CVE-2016-0797", "CVE-2016-0702", "CVE-2015-3196", "CVE-2016-2109", "CVE-2016-2181", "CVE-2016-6304", "CVE-2015-3193", "CVE-2017-3732", "CVE-2016-8860", "CVE-2016-7052", "CVE-2016-0800", "CVE-2016-2176", "CVE-2016-6303", "CVE-2016-2182", "CVE-2017-0376", "CVE-2016-2179", "CVE-2016-2106"], "lastseen": "2017-07-15T22:47:02"}], "oracle": [{"id": "ORACLE:CPUAPR2016V3-2985753", "type": "oracle", "title": "cpuapr2016v3", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 136 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n** Please note that on March 23, 2016, Oracle released [Security Alert for Java SE for CVE-2016-0636](<http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html>). Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced for CVE-2016-0636. **\n\nPlease also note that the vulnerabilities in this Critical Patch Update are scored using versions 3.0 and 2.0 of Common Vulnerability Scoring Standard (CVSS). Future Critical Patch Updates and Security Alerts will be scored using CVSS version 3.0 only.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "published": "2016-04-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2015-4000", "CVE-2016-0647", "CVE-2016-0648", "CVE-2016-0681", "CVE-2016-0641", "CVE-2014-3566", "CVE-2016-3436", "CVE-2011-4461", "CVE-2016-0697", "CVE-2015-1793", "CVE-2015-7236", "CVE-2015-3197", "CVE-2016-3457", "CVE-2016-3417", "CVE-2016-3441", "CVE-2016-3426", "CVE-2016-0699", "CVE-2016-0407", "CVE-2016-0623", "CVE-2016-0705", "CVE-2016-3423", "CVE-2013-4786", "CVE-2016-3418", "CVE-2016-0695", "CVE-2015-7181", "CVE-2015-1789", "CVE-2015-1794", "CVE-2016-3427", "CVE-2016-0682", "CVE-2016-2047", "CVE-2015-3195", "CVE-2016-0798", "CVE-2016-0677", "CVE-2014-3576", "CVE-2016-0649", "CVE-2016-0698", "CVE-2016-3462", "CVE-2016-0639", "CVE-2016-0696", "CVE-2016-0669", "CVE-2016-0692", "CVE-2016-0799", "CVE-2016-0694", "CVE-2016-3449", "CVE-2016-0469", "CVE-2016-0662", "CVE-2016-0680", "CVE-2016-0678", "CVE-2015-3194", "CVE-2015-7501", "CVE-2015-3253", "CVE-2016-3463", "CVE-2016-0646", "CVE-2016-3420", "CVE-2016-3422", "CVE-2016-3416", "CVE-2016-0674", "CVE-2016-0668", "CVE-2016-3431", "CVE-2015-3238", "CVE-2016-0797", "CVE-2015-7182", "CVE-2016-0702", "CVE-2015-2808", "CVE-2016-3419", "CVE-2015-7575", "CVE-2016-3456", "CVE-2014-2532", "CVE-2016-0679", "CVE-2016-0685", "CVE-2015-3196", "CVE-2016-0666", "CVE-2015-2721", "CVE-2015-3193", "CVE-2016-0479", "CVE-2016-0659", "CVE-2016-0636", "CVE-2016-0643", "CVE-2016-3454", "CVE-2016-0672", "CVE-2016-0642", "CVE-2016-3428", "CVE-2016-3443", "CVE-2016-3460", "CVE-2016-0675", "CVE-2016-0687", "CVE-2016-0652", "CVE-2016-0640", "CVE-2016-0700", "CVE-2015-7183", "CVE-2016-0638", "CVE-2016-0408", "CVE-2016-3442", "CVE-2016-0651", "CVE-2016-3461", "CVE-2016-0673", "CVE-2016-3447", "CVE-2016-0690", "CVE-2016-0665", "CVE-2016-0800", "CVE-2016-0655", "CVE-2016-0657", "CVE-2016-0684", "CVE-2016-3425", "CVE-2016-0468", "CVE-2013-2566", "CVE-2016-3464", "CVE-2015-1790", "CVE-2016-0691", "CVE-2016-3438", "CVE-2016-0686", "CVE-2016-3435", "CVE-2016-3434", "CVE-2016-0654", "CVE-2016-3455", "CVE-2016-3421", "CVE-2016-3465", "CVE-2016-3439", "CVE-2016-3429", "CVE-2016-0658", "CVE-2016-0650", "CVE-2016-0644", "CVE-2016-3437", "CVE-2016-0676", "CVE-2016-0656", "CVE-2016-0667", "CVE-2016-0683", "CVE-2016-0653", "CVE-2016-0671", "CVE-2016-0661", "CVE-2016-3466", "CVE-2016-0693", "CVE-2015-7547", "CVE-2015-4923", "CVE-2016-0688", "CVE-2016-0689", "CVE-2016-0663"], "lastseen": "2018-04-18T20:23:56"}, {"id": "ORACLE:CPUOCT2017-3236626", "type": "oracle", "title": "Oracle Critical Patch Update - October 2017", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 252 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2310031.1>).\n\nPlease note that on September 22, 2017, Oracle released [Security Alert for CVE-2017-9805](<http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html>). Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced in this Security Alert as well as those contained in this Critical Patch update\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "published": "2017-10-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2017-10324", "CVE-2017-10167", "CVE-2017-10014", "CVE-2017-10417", "CVE-2017-10037", "CVE-2015-5351", "CVE-2015-5254", "CVE-2017-10270", "CVE-2017-10387", "CVE-2017-10360", "CVE-2015-1792", "CVE-2017-10321", "CVE-2017-10060", "CVE-2015-0235", "CVE-2015-1793", "CVE-2017-10404", "CVE-2017-10311", "CVE-2017-10421", "CVE-2017-10353", "CVE-2017-10260", "CVE-2017-10203", "CVE-2016-9840", "CVE-2017-10419", "CVE-2017-10424", "CVE-2017-10399", "CVE-2017-10293", "CVE-2015-3197", "CVE-2017-10299", "CVE-2017-10158", "CVE-2017-10379", "CVE-2017-10414", "CVE-2017-10054", "CVE-2017-10357", "CVE-2017-10197", "CVE-2017-10361", "CVE-2017-10356", "CVE-2016-5019", "CVE-2017-10322", "CVE-2017-10323", "CVE-2017-10066", "CVE-2014-3572", "CVE-2017-5709", "CVE-2016-6306", "CVE-2017-5462", "CVE-2014-3613", "CVE-2017-7502", "CVE-2015-7181", "CVE-2015-0206", "CVE-2017-10369", "CVE-2015-1789", "CVE-2016-2183", "CVE-2017-10349", "CVE-2017-10284", "CVE-2017-10294", "CVE-2017-10325", "CVE-2017-10416", "CVE-2015-0286", "CVE-2017-10341", "CVE-2017-10420", "CVE-2017-10418", "CVE-2017-10367", "CVE-2016-2178", "CVE-2017-10164", "CVE-2013-1903", "CVE-2017-10400", "CVE-2017-3167", "CVE-2017-10281", "CVE-2015-3195", "CVE-2017-10351", "CVE-2017-10359", "CVE-2017-10381", "CVE-2017-10406", "CVE-2017-10348", "CVE-2017-10372", "CVE-2014-8714", "CVE-2017-10034", "CVE-2017-10328", "CVE-2016-0714", "CVE-2016-3092", "CVE-2014-3571", "CVE-2017-10397", "CVE-2017-10388", "CVE-2017-10330", "CVE-2017-10407", "CVE-2014-0076", "CVE-2017-10033", "CVE-2017-10342", "CVE-2017-10415", "CVE-2017-10408", "CVE-2016-6302", "CVE-2017-10344", "CVE-2017-10354", "CVE-2017-10338", "CVE-2017-10296", "CVE-2017-10292", "CVE-2017-10402", "CVE-2014-3587", "CVE-2017-10306", "CVE-2017-10365", "CVE-2017-10337", "CVE-2017-10426", "CVE-2016-8745", "CVE-2016-2177", "CVE-2017-10380", "CVE-2015-0288", "CVE-2017-10332", "CVE-2017-10378", "CVE-2014-0224", "CVE-2017-10026", "CVE-2017-10276", "CVE-2016-0635", "CVE-2017-10409", "CVE-2017-10166", "CVE-2017-10427", "CVE-2017-10422", "CVE-2015-3194", "CVE-2017-10355", "CVE-2017-10163", "CVE-2016-6515", "CVE-2017-10326", "CVE-2015-0285", "CVE-2016-2107", "CVE-2017-10153", "CVE-2016-7055", "CVE-2017-10382", "CVE-2015-7501", "CVE-2017-10364", "CVE-2017-10319", "CVE-2015-3253", "CVE-2017-3731", "CVE-2016-6307", "CVE-2016-0701", "CVE-2017-10398", "CVE-2017-10051", "CVE-2017-10308", "CVE-2017-10320", "CVE-2017-10287", "CVE-2017-10412", "CVE-2017-10334", "CVE-2016-9842", "CVE-2016-2834", "CVE-2017-10283", "CVE-2015-0899", "CVE-2017-10152", "CVE-2017-10264", "CVE-2016-1182", "CVE-2014-0065", "CVE-2016-0763", "CVE-2015-0207", "CVE-2017-10155", "CVE-2017-10271", "CVE-2017-10286", "CVE-2017-10304", "CVE-2016-6308", "CVE-2016-6816", "CVE-2016-7433", "CVE-2014-4342", "CVE-2017-5662", "CVE-2014-8275", "CVE-2016-2180", "CVE-2017-10411", "CVE-2017-10313", "CVE-2017-10194", "CVE-2015-7182", "CVE-2015-0208", "CVE-2015-2808", "CVE-2017-10347", "CVE-2014-3570", "CVE-2017-10227", "CVE-2015-7575", "CVE-2017-10370", "CVE-2017-10261", "CVE-2017-10425", "CVE-2017-5706", "CVE-2015-3196", "CVE-2017-10428", "CVE-2014-3470", "CVE-2017-10362", "CVE-2017-10309", "CVE-2016-2181", "CVE-2017-10391", "CVE-2016-6304", "CVE-2015-3193", "CVE-2017-10263", "CVE-2014-3538", "CVE-2017-10403", "CVE-2014-0114", "CVE-2017-10159", "CVE-2017-10410", "CVE-2017-3732", "CVE-2017-10383", "CVE-2017-10339", "CVE-2017-10340", "CVE-2014-0050", "CVE-2017-10327", "CVE-2017-10396", "CVE-2017-10300", "CVE-2014-3707", "CVE-2014-0064", "CVE-2017-10343", "CVE-2015-0293", "CVE-2017-10165", "CVE-2017-10316", "CVE-2017-3445", "CVE-2017-10373", "CVE-2016-1979", "CVE-2017-10363", "CVE-2017-10352", "CVE-2016-2381", "CVE-2014-8713", "CVE-2017-10279", "CVE-2015-7183", "CVE-2013-0255", "CVE-2017-10314", "CVE-2017-9805", "CVE-2015-1788", "CVE-2017-10055", "CVE-2014-0195", "CVE-2014-0198", "CVE-2017-10161", "CVE-2016-7052", "CVE-2015-0209", "CVE-2014-0063", "CVE-2016-1950", "CVE-2017-10333", "CVE-2015-0204", "CVE-2016-0706", "CVE-2013-0248", "CVE-2017-3733", "CVE-2017-5664", "CVE-2017-10312", "CVE-2017-10366", "CVE-2014-0060", "CVE-2017-10318", "CVE-2016-7429", "CVE-2016-1181", "CVE-2017-10268", "CVE-2017-10285", "CVE-2017-3446", "CVE-2017-10392", "CVE-2017-10413", "CVE-2016-9843", "CVE-2013-2566", "CVE-2016-8735", "CVE-2015-1790", "CVE-2017-10394", "CVE-2017-9788", "CVE-2017-10350", "CVE-2016-6305", "CVE-2016-6303", "CVE-2017-10275", "CVE-2017-10274", "CVE-2017-10190", "CVE-2013-1902", "CVE-2017-10315", "CVE-2015-0291", "CVE-2017-10317", "CVE-2017-10389", "CVE-2017-10385", "CVE-2017-10154", "CVE-2017-10395", "CVE-2017-3588", "CVE-2014-4345", "CVE-2017-10162", "CVE-2003-1418", "CVE-2016-2182", "CVE-2017-10358", "CVE-2017-10310", "CVE-2017-10077", "CVE-2017-10346", "CVE-2014-0062", "CVE-2017-10401", "CVE-2015-0287", "CVE-2017-7668", "CVE-2017-3444", "CVE-2017-10295", "CVE-2017-10393", "CVE-2017-10423", "CVE-2017-10280", "CVE-2017-5461", "CVE-2016-10165", "CVE-2014-0066", "CVE-2015-0289", "CVE-2016-9841", "CVE-2015-7940", "CVE-2017-3169", "CVE-2017-10065", "CVE-2016-5285", "CVE-2017-10368", "CVE-2015-0292", "CVE-2017-10375", "CVE-2017-10384", "CVE-2014-0107", "CVE-2017-10050", "CVE-2016-3506", "CVE-2017-10345", "CVE-2017-10303", "CVE-2017-10302", "CVE-2017-10259", "CVE-2017-10265", "CVE-2015-0290", "CVE-2017-3730", "CVE-2015-0205", "CVE-2017-10329", "CVE-2016-2179", "CVE-2017-10405", "CVE-2017-10277", "CVE-2016-6814", "CVE-2013-1900", "CVE-2015-1787", "CVE-2015-4852", "CVE-2014-0061", "CVE-2014-3569", "CVE-2017-10386", "CVE-2015-1791", "CVE-2017-10336", "CVE-2017-10335", "CVE-2016-7431", "CVE-2017-7679", "CVE-2014-0221", "CVE-2017-10331", "CVE-2017-10099"], "lastseen": "2018-04-18T20:23:54"}, {"id": "ORACLE:CPUJUL2016-2881720", "type": "oracle", "title": "Oracle Critical Patch Update - July 2016", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 276 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using versions 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "published": "2016-07-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2015-5600", "CVE-2016-5465", "CVE-2015-4000", "CVE-2016-3446", "CVE-2016-3508", "CVE-2016-3547", "CVE-2016-3529", "CVE-2016-5452", "CVE-2016-5445", "CVE-2016-1548", "CVE-2016-2518", "CVE-2016-3485", "CVE-2016-3444", "CVE-2015-1792", "CVE-2014-3566", "CVE-2016-3552", "CVE-2015-0235", "CVE-2016-3615", "CVE-2015-1793", "CVE-2016-3491", "CVE-2016-3553", "CVE-2016-3477", "CVE-2016-3613", "CVE-2016-5477", "CVE-2016-3488", "CVE-2015-3197", "CVE-2016-3592", "CVE-2016-3573", "CVE-2016-3494", "CVE-2016-5466", "CVE-2016-5019", "CVE-2015-3236", "CVE-2016-3544", "CVE-2014-3572", "CVE-2016-0705", "CVE-2016-3545", "CVE-2016-3611", "CVE-2015-7181", "CVE-2015-0206", "CVE-2015-1789", "CVE-2016-3597", "CVE-2016-3598", "CVE-2016-5455", "CVE-2016-3574", "CVE-2015-8138", "CVE-2016-3500", "CVE-2016-5472", "CVE-2016-4051", "CVE-2016-3445", "CVE-2016-5454", "CVE-2016-3554", "CVE-2016-5458", "CVE-2015-3195", "CVE-2016-0798", "CVE-2016-3570", "CVE-2016-3432", "CVE-2016-3515", "CVE-2016-2108", "CVE-2016-5447", "CVE-2016-3474", "CVE-2016-3528", "CVE-2016-5440", "CVE-2016-3580", "CVE-2014-3571", "CVE-2016-5450", "CVE-2016-3496", "CVE-2016-3555", "CVE-2016-3596", "CVE-2016-1938", "CVE-2016-5468", "CVE-2016-3481", "CVE-2016-3563", "CVE-2016-0799", "CVE-2016-3539", "CVE-2016-3507", "CVE-2016-3584", "CVE-2016-3519", "CVE-2016-5460", "CVE-2016-3472", "CVE-2016-3583", "CVE-2016-5471", "CVE-2016-3511", "CVE-2016-3479", "CVE-2016-3499", "CVE-2013-2064", "CVE-2014-0224", "CVE-2016-5467", "CVE-2016-0635", "CVE-2016-3498", "CVE-2016-2105", "CVE-2016-3560", "CVE-2016-3514", "CVE-2016-5453", "CVE-2016-3440", "CVE-2016-4052", "CVE-2015-3194", "CVE-2016-2107", "CVE-2016-3607", "CVE-2016-3556", "CVE-2016-3512", "CVE-2016-3532", "CVE-2015-7501", "CVE-2016-1550", "CVE-2016-3475", "CVE-2015-3253", "CVE-2016-0701", "CVE-2016-3476", "CVE-2016-3588", "CVE-2016-3424", "CVE-2016-3471", "CVE-2016-1182", "CVE-2015-7704", "CVE-2016-3585", "CVE-2016-5444", "CVE-2016-3538", "CVE-2014-8275", "CVE-2016-3452", "CVE-2015-7979", "CVE-2016-3549", "CVE-2016-0797", "CVE-2015-7182", "CVE-2016-0702", "CVE-2015-2808", "CVE-2014-3570", "CVE-2016-5451", "CVE-2015-7575", "CVE-2016-3577", "CVE-2016-3591", "CVE-2016-3567", "CVE-2016-3467", "CVE-2016-3537", "CVE-2016-3593", "CVE-2016-3606", "CVE-2016-5456", "CVE-2016-3468", "CVE-2016-3540", "CVE-2016-2109", "CVE-2016-3559", "CVE-2016-5476", "CVE-2015-2721", "CVE-2016-3530", "CVE-2015-3193", "CVE-2014-9708", "CVE-2016-5473", "CVE-2016-3568", "CVE-2016-3453", "CVE-2016-5464", "CVE-2016-5462", "CVE-2016-3490", "CVE-2016-3572", "CVE-2016-3513", "CVE-2012-3137", "CVE-2015-0228", "CVE-2016-3509", "CVE-2015-3237", "CVE-2016-3565", "CVE-2016-5437", "CVE-2016-3534", "CVE-2016-3503", "CVE-2015-7183", "CVE-2016-3550", "CVE-2015-1788", "CVE-2016-3525", "CVE-2016-3587", "CVE-2016-3561", "CVE-2016-3504", "CVE-2016-3581", "CVE-2016-3501", "CVE-2016-5457", "CVE-2016-1547", "CVE-2015-3183", "CVE-2016-3614", "CVE-2012-3410", "CVE-2016-5461", "CVE-2016-5439", "CVE-2015-0204", "CVE-2016-5449", "CVE-2016-3578", "CVE-2016-3527", "CVE-2016-0800", "CVE-2016-3489", "CVE-2016-3483", "CVE-2016-3433", "CVE-2016-5459", "CVE-2016-1181", "CVE-2016-3450", "CVE-2016-3524", "CVE-2016-5442", "CVE-2016-3564", "CVE-2016-5470", "CVE-2013-2566", "CVE-2016-2176", "CVE-2015-1790", "CVE-2016-3542", "CVE-2016-1978", "CVE-2016-3575", "CVE-2016-3531", "CVE-2016-3502", "CVE-2016-3459", "CVE-2016-5446", "CVE-2016-3480", "CVE-2016-3533", "CVE-2016-5469", "CVE-2016-3526", "CVE-2016-5448", "CVE-2016-3486", "CVE-2016-3448", "CVE-2016-5474", "CVE-2016-5436", "CVE-2016-3523", "CVE-2016-5441", "CVE-2016-5475", "CVE-2016-3576", "CVE-2016-3595", "CVE-2016-3610", "CVE-2016-3458", "CVE-2016-3484", "CVE-2016-3586", "CVE-2016-3520", "CVE-2016-3451", "CVE-2016-3582", "CVE-2015-5300", "CVE-2016-3497", "CVE-2016-3589", "CVE-2016-3517", "CVE-2016-3608", "CVE-2016-3510", "CVE-2016-3493", "CVE-2016-3536", "CVE-2016-3548", "CVE-2016-3506", "CVE-2016-3571", "CVE-2016-3487", "CVE-2016-3546", "CVE-2016-5463", "CVE-2016-3541", "CVE-2016-3081", "CVE-2016-3521", "CVE-2015-0205", "CVE-2016-4053", "CVE-2016-3579", "CVE-2016-5443", "CVE-2016-3557", "CVE-2016-3558", "CVE-2016-2106", "CVE-2016-3594", "CVE-2016-3478", "CVE-2016-3522", "CVE-2016-3535", "CVE-2016-3543", "CVE-2016-3612", "CVE-2014-3569", "CVE-2016-3470", "CVE-2016-3518", "CVE-2016-3516", "CVE-2015-1791", "CVE-2016-3569", "CVE-2016-3482", "CVE-2016-3590", "CVE-2015-8104", "CVE-2016-3609", "CVE-2016-3566", "CVE-2016-3469"], "lastseen": "2018-04-18T20:23:41"}]}}
