Search...

GLSA-201401-34 : BIND: Denial of Service

2014-01-30T00:00:00

ID GENTOO_GLSA-201401-34.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
Modified 2014-01-30T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-201401-34 (BIND: Denial of Service)

Multiple vulnerabilities have been discovered in BIND. Please review the
  CVE identifiers referenced below for details.

Impact :

A remote attacker may be able to cause a Denial of Service condition.

Workaround :

There is no known workaround at this time.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201401-34.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(72208);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2012-5166", "CVE-2012-5688", "CVE-2012-5689", "CVE-2013-2266", "CVE-2013-3919", "CVE-2013-4854", "CVE-2014-0591");
  script_bugtraq_id(55852, 56817, 57556, 58736, 60338, 61479, 64801);
  script_xref(name:"GLSA", value:"201401-34");

  script_name(english:"GLSA-201401-34 : BIND: Denial of Service");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201401-34
(BIND: Denial of Service)

    Multiple vulnerabilities have been discovered in BIND. Please review the
      CVE identifiers referenced below for details.
  
Impact :

    A remote attacker may be able to cause a Denial of Service condition.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201401-34"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All BIND users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '&gt;=net-dns/bind-9.9.4_p2'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:bind");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/01/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/30");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-dns/bind", unaffected:make_list("ge 9.9.4_p2"), vulnerable:make_list("lt 9.9.4_p2"))) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "BIND");
}

JSON Vulners Source

Initial Source

{"id": "GENTOO_GLSA-201401-34.NASL", "bulletinFamily": "scanner", "title": "GLSA-201401-34 : BIND: Denial of Service", "description": "The remote host is affected by the vulnerability described in GLSA-201401-34\n(BIND: Denial of Service)\n\n Multiple vulnerabilities have been discovered in BIND. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "published": "2014-01-30T00:00:00", "modified": "2014-01-30T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/72208", "reporter": "This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.", "references": ["https://security.gentoo.org/glsa/201401-34"], "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2013-3919", "CVE-2012-5688", "CVE-2012-5166", "CVE-2014-0591", "CVE-2013-4854"], "type": "nessus", "lastseen": "2021-01-07T10:55:28", "edition": 21, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310866433", "OPENVAS:1361412562310881768", "OPENVAS:841523", "OPENVAS:866433", "OPENVAS:892728", "OPENVAS:1361412562310892728", "OPENVAS:1361412562310867244", "OPENVAS:1361412562310841523", "OPENVAS:867244", "OPENVAS:1361412562310121131"]}, {"type": "gentoo", "idList": ["GLSA-201401-34"]}, {"type": "cve", "idList": ["CVE-2012-5689", "CVE-2014-0591", "CVE-2013-4854", "CVE-2012-5688", "CVE-2013-3919", "CVE-2012-5166", "CVE-2013-2266"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0043", "ELSA-2013-0550", "ELSA-2013-1114", "ELSA-2014-1244", "ELSA-2013-1115", "ELSA-2012-1549"]}, {"type": "f5", "idList": ["F5:K14601", "F5:K14386", "SOL15133", "SOL14600", "SOL14386", "F5:K14613", "F5:K14600", "SOL14601", "SOL14613", "F5:K14201"]}, {"type": "nessus", "idList": ["OPENSUSE-2013-654.NASL", "BIND9_993_P2.NASL", "REDHAT-RHSA-2013-1115.NASL", "CENTOS_RHSA-2013-1114.NASL", "BIND9_993.NASL", "REDHAT-RHSA-2013-1114.NASL", "ORACLEVM_OVMSA-2014-0084.NASL", "OPENSUSE-2013-296.NASL", "ORACLELINUX_ELSA-2013-1115.NASL", "SLACKWARE_SSA_2012-341-01.NASL"]}, {"type": "fedora", "idList": ["FEDORA:DF88222B91", "FEDORA:39DB62120F", "FEDORA:0A72460CC887", "FEDORA:C1FBF26597"]}, {"type": "seebug", "idList": ["SSV:60714", "SSV:60926"]}, {"type": "slackware", "idList": ["SSA-2013-218-01", "SSA-2012-341-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:1354-1", "SUSE-SU-2013:1310-1", "OPENSUSE-SU-2013:1353-1"]}, {"type": "redhat", "idList": ["RHSA-2013:1115", "RHSA-2013:1114"]}, {"type": "centos", "idList": ["CESA-2012:1549", "CESA-2013:1115", "CESA-2013:1114"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2728-1:901CB"]}, {"type": "amazon", "idList": ["ALAS-2012-146", "ALAS-2013-214"]}, {"type": "ubuntu", "idList": ["USN-1910-1", "USN-1657-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29663", "SECURITYVULNS:VULN:13223"]}, {"type": "freebsd", "idList": ["4671CDC9-7C6D-11E2-809B-6C626D99876C", "7943E521-F648-11E2-8607-3C970E169BC2"]}, {"type": "zdi", "idList": ["ZDI-13-210"]}], "modified": "2021-01-07T10:55:28", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2021-01-07T10:55:28", "rev": 2}, "vulnersScore": 7.1}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201401-34.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72208);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-5166\", \"CVE-2012-5688\", \"CVE-2012-5689\", \"CVE-2013-2266\", \"CVE-2013-3919\", \"CVE-2013-4854\", \"CVE-2014-0591\");\n script_bugtraq_id(55852, 56817, 57556, 58736, 60338, 61479, 64801);\n script_xref(name:\"GLSA\", value:\"201401-34\");\n\n script_name(english:\"GLSA-201401-34 : BIND: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201401-34\n(BIND: Denial of Service)\n\n Multiple vulnerabilities have been discovered in BIND. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201401-34\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All BIND users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.9.4_p2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-dns/bind\", unaffected:make_list(\"ge 9.9.4_p2\"), vulnerable:make_list(\"lt 9.9.4_p2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"BIND\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "72208", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:bind"], "scheme": null}

{"openvas": [{"lastseen": "2019-05-29T18:37:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2013-3919", "CVE-2012-5688", "CVE-2012-5166", "CVE-2014-0591", "CVE-2013-4854"], "description": "Gentoo Linux Local Security Checks GLSA 201401-34", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121131", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201401-34", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201401-34.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121131\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:47 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201401-34\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201401-34\");\n script_cve_id(\"CVE-2012-5166\", \"CVE-2012-5688\", \"CVE-2012-5689\", \"CVE-2013-2266\", \"CVE-2013-3919\", \"CVE-2013-4854\", \"CVE-2014-0591\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201401-34\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.9.4_p2\"), vulnerable: make_list(\"lt 9.9.4_p2\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-24T11:09:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2266", "CVE-2013-3919", "CVE-2013-4854"], "description": "Check for the Version of bind", "modified": "2018-01-24T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:866433", "href": "http://plugins.openvas.org/nasl.php?oid=866433", "type": "openvas", "title": "Fedora Update for bind FEDORA-2013-13831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2013-13831\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866433);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:25:38 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\", \"CVE-2013-3919\", \"CVE-2013-2266\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for bind FEDORA-2013-13831\");\n\n tag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n(Domain Name System) protocols. BIND includes a DNS server (named),\nwhich resolves host names to IP addresses a resolver library\n(routines for applications to use when interfacing with DNS) and\ntools for verifying that the DNS server is operating properly.\n\";\n\n tag_affected = \"bind on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-13831\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.3~4.P2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2266", "CVE-2013-3919", "CVE-2013-4854"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:1361412562310866433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866433", "type": "openvas", "title": "Fedora Update for bind FEDORA-2013-13831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2013-13831\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866433\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:25:38 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\", \"CVE-2013-3919\", \"CVE-2013-2266\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for bind FEDORA-2013-13831\");\n\n\n script_tag(name:\"affected\", value:\"bind on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-13831\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.3~4.P2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0591", "CVE-2013-4854"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-01-20T00:00:00", "id": "OPENVAS:1361412562310867244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867244", "type": "openvas", "title": "Fedora Update for bind FEDORA-2014-0858", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2014-0858\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867244\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-20 09:52:46 +0530 (Mon, 20 Jan 2014)\");\n script_cve_id(\"CVE-2014-0591\", \"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for bind FEDORA-2014-0858\");\n script_tag(name:\"affected\", value:\"bind on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-0858\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.3~14.P2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:48:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0591", "CVE-2013-4854"], "description": "Check for the Version of bind", "modified": "2017-07-10T00:00:00", "published": "2014-01-20T00:00:00", "id": "OPENVAS:867244", "href": "http://plugins.openvas.org/nasl.php?oid=867244", "type": "openvas", "title": "Fedora Update for bind FEDORA-2014-0858", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2014-0858\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867244);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-20 09:52:46 +0530 (Mon, 20 Jan 2014)\");\n script_cve_id(\"CVE-2014-0591\", \"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for bind FEDORA-2014-0858\");\n\n tag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n(Domain Name System) protocols. BIND includes a DNS server (named),\nwhich resolves host names to IP addresses a resolver library\n(routines for applications to use when interfacing with DNS) and\ntools for verifying that the DNS server is operating properly.\n\";\n\n tag_affected = \"bind on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-0858\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761.html\");\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.3~14.P2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:51:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "description": "Check for the Version of bind", "modified": "2017-07-12T00:00:00", "published": "2013-02-22T00:00:00", "id": "OPENVAS:870914", "href": "http://plugins.openvas.org/nasl.php?oid=870914", "type": "openvas", "title": "RedHat Update for bind RHSA-2013:0550-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2013:0550-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named); a\n resolver library (routines for applications to use when interfacing with\n DNS); and tools for verifying that the DNS server is operating correctly.\n DNS64 is used to automatically generate DNS records so IPv6 based clients\n can access IPv4 systems through a NAT64 server.\n\n A flaw was found in the DNS64 implementation in BIND when using Response\n Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to\n a named server that is using RPZ rewrite rules, named could exit\n unexpectedly with an assertion failure. Note that DNS64 support is not\n enabled by default. (CVE-2012-5689)\n\n This update also adds the following enhancement:\n\n * Previously, it was impossible to configure the the maximum number of\n responses sent per second to one client. This allowed remote attackers to\n conduct traffic amplification attacks using DNS queries with spoofed source\n IP addresses. With this update, it is possible to use the new "rate-limit"\n configuration option in named.conf and configure the maximum number of\n queries which the server responds to. Refer to the BIND documentation for\n more details about the rate-limit option. (BZ#906312)\n\n All bind users are advised to upgrade to these updated packages, which\n contain patches to correct this issue and add this enhancement. After\n installing the update, the BIND daemon (named) will be restarted\n automatically.\";\n\n\ntag_affected = \"bind on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00071.html\");\n script_id(870914);\n script_version(\"$Revision: 6687 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:46:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:18 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(57556);\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2013:0550-01\");\n script_name(\"RedHat Update for bind RHSA-2013:0550-01\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:09:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "description": "Check for the Version of bind", "modified": "2018-01-25T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:881663", "href": "http://plugins.openvas.org/nasl.php?oid=881663", "type": "openvas", "title": "CentOS Update for bind CESA-2013:0550 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2013:0550 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named); a\n resolver library (routines for applications to use when interfacing with\n DNS); and tools for verifying that the DNS server is operating correctly.\n DNS64 is used to automatically generate DNS records so IPv6 based clients\n can access IPv4 systems through a NAT64 server.\n\n A flaw was found in the DNS64 implementation in BIND when using Response\n Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to\n a named server that is using RPZ rewrite rules, named could exit\n unexpectedly with an assertion failure. Note that DNS64 support is not\n enabled by default. (CVE-2012-5689)\n\n This update also adds the following enhancement:\n\n * Previously, it was impossible to configure the the maximum number of\n responses sent per second to one client. This allowed remote attackers to\n conduct traffic amplification attacks using DNS queries with spoofed source\n IP addresses. With this update, it is possible to use the new "rate-limit"\n configuration option in named.conf and configure the maximum number of\n queries which the server responds to. Refer to the BIND documentation for\n more details about the "rate-limit" option. (BZ#906312)\n\n All bind users are advised to upgrade to these updated packages, which\n contain patches to correct this issue and add this enhancement. After\n installing the update, the BIND daemon (named) will be restarted\n automatically.\";\n\n\ntag_affected = \"bind on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019615.html\");\n script_id(881663);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:01:23 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-5689\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2013:0550\");\n script_name(\"CentOS Update for bind CESA-2013:0550 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2013-02-22T00:00:00", "id": "OPENVAS:1361412562310870914", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870914", "type": "openvas", "title": "RedHat Update for bind RHSA-2013:0550-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2013:0550-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00071.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870914\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:18 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(57556);\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2013:0550-01\");\n script_name(\"RedHat Update for bind RHSA-2013:0550-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named), a\n resolver library (routines for applications to use when interfacing with\n DNS), and tools for verifying that the DNS server is operating correctly.\n DNS64 is used to automatically generate DNS records so IPv6 based clients\n can access IPv4 systems through a NAT64 server.\n\n A flaw was found in the DNS64 implementation in BIND when using Response\n Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to\n a named server that is using RPZ rewrite rules, named could exit\n unexpectedly with an assertion failure. Note that DNS64 support is not\n enabled by default. (CVE-2012-5689)\n\n This update also adds the following enhancement:\n\n * Previously, it was impossible to configure the the maximum number of\n responses sent per second to one client. This allowed remote attackers to\n conduct traffic amplification attacks using DNS queries with spoofed source\n IP addresses. With this update, it is possible to use the new 'rate-limit'\n configuration option in named.conf and configure the maximum number of\n queries which the server responds to. Refer to the BIND documentation for\n more details about the rate-limit option. (BZ#906312)\n\n All bind users are advised to upgrade to these updated packages, which\n contain patches to correct this issue and add this enhancement. After\n installing the update, the BIND daemon (named) will be restarted\n automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.el6.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:1361412562310881663", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881663", "type": "openvas", "title": "CentOS Update for bind CESA-2013:0550 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2013:0550 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019615.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881663\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:01:23 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-5689\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2013:0550\");\n script_name(\"CentOS Update for bind CESA-2013:0550 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"bind on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named), a\n resolver library (routines for applications to use when interfacing with\n DNS), and tools for verifying that the DNS server is operating correctly.\n DNS64 is used to automatically generate DNS records so IPv6 based clients\n can access IPv4 systems through a NAT64 server.\n\n A flaw was found in the DNS64 implementation in BIND when using Response\n Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to\n a named server that is using RPZ rewrite rules, named could exit\n unexpectedly with an assertion failure. Note that DNS64 support is not\n enabled by default. (CVE-2012-5689)\n\n This update also adds the following enhancement:\n\n * Previously, it was impossible to configure the the maximum number of\n responses sent per second to one client. This allowed remote attackers to\n conduct traffic amplification attacks using DNS queries with spoofed source\n IP addresses. With this update, it is possible to use the new 'rate-limit'\n configuration option in named.conf and configure the maximum number of\n queries which the server responds to. Refer to the BIND documentation for\n more details about the 'rate-limit' option. (BZ#906312)\n\n All bind users are advised to upgrade to these updated packages, which\n contain patches to correct this issue and add this enhancement. After\n installing the update, the BIND daemon (named) will be restarted\n automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "description": "Oracle Linux Local Security Checks ELSA-2013-0550", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123688", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123688", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0550", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0550.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123688\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:15 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0550\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0550 - bind security and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0550\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0550.html\");\n script_cve_id(\"CVE-2012-5689\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.0.2.el6.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.0.2.el6.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.0.2.el6.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.0.2.el6.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.0.2.el6.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.0.2.el6.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:32", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2013-3919", "CVE-2012-5688", "CVE-2012-5166", "CVE-2014-0591", "CVE-2013-4854"], "edition": 1, "description": "### Background\n\nBIND is the Berkeley Internet Name Domain Server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll BIND users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/bind-9.9.4_p2\"", "modified": "2014-01-29T00:00:00", "published": "2014-01-29T00:00:00", "id": "GLSA-201401-34", "href": "https://security.gentoo.org/glsa/201401-34", "type": "gentoo", "title": "BIND: Denial of Service", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-10-03T12:06:12", "description": "ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.", "edition": 3, "cvss3": {}, "published": "2012-12-06T11:45:00", "title": "CVE-2012-5688", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5688"], "modified": "2018-12-06T19:14:00", "cpe": ["cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.9.1", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.9.0", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/a:isc:bind:9.8.2"], "id": "CVE-2012-5688", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5688", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:12", "description": "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.", "edition": 3, "cvss3": {}, "published": "2013-01-25T12:00:00", "title": "CVE-2012-5689", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5689"], "modified": "2016-08-19T18:31:00", "cpe": ["cpe:/a:isc:bind:9.9.2", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.8.1", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/a:isc:bind:9.9.1", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:6.4.z", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.8.2", "cpe:/o:redhat:enterprise_linux_hpc_node:6.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server_aus:6.4", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/a:isc:bind:9.8.4", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2012-5689", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5689", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4.z:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:46:06", "description": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.", "edition": 3, "cvss3": {}, "published": "2013-07-29T13:59:00", "title": "CVE-2013-4854", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4854"], "modified": "2019-04-22T17:48:00", "cpe": ["cpe:/a:isc:bind:9.9.2", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.8.3", "cpe:/o:fedoraproject:fedora:18", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.9.3", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/a:isc:bind:9.7.4", "cpe:/o:freebsd:freebsd:8.2", "cpe:/o:redhat:enterprise_linux:5", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.7", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.7.2", "cpe:/o:fedoraproject:fedora:19", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.8.6", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/a:isc:dnsco_bind:9.9.4", "cpe:/o:freebsd:freebsd:8.3", "cpe:/a:isc:bind:9.8.0", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/a:isc:dnsco_bind:9.9.3", "cpe:/o:novell:suse_linux:11", "cpe:/a:isc:bind:9.9.0", "cpe:/a:suse:suse_linux_enterprise_software_development_kit:11.0", "cpe:/a:isc:bind:9.8.2", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:freebsd:freebsd:8.4", "cpe:/a:isc:bind:9.7.0", "cpe:/o:mandriva:business_server:1.0", "cpe:/o:freebsd:freebsd:9.2", "cpe:/a:isc:bind:9.8.5", "cpe:/o:mandriva:enterprise_server:5.0", "cpe:/o:freebsd:freebsd:8.0", "cpe:/o:hp:hp-ux:b.11.31", "cpe:/a:isc:bind:9.7.5", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:freebsd:freebsd:9.0", "cpe:/a:isc:bind:9.8.4", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/o:freebsd:freebsd:8.1", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:freebsd:freebsd:9.1"], "id": "CVE-2013-4854", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4854", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*", "cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:10", "description": "ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.", "edition": 3, "cvss3": {}, "published": "2012-10-10T21:55:00", "title": "CVE-2012-5166", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5166"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.8.2", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2012-5166", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5166", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:46:03", "description": "resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.", "edition": 3, "cvss3": {}, "published": "2013-06-06T13:02:00", "title": "CVE-2013-3919", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3919"], "modified": "2018-10-30T16:26:00", "cpe": ["cpe:/a:isc:bind:9.9.3", "cpe:/a:isc:bind:9.8.5", "cpe:/a:isc:bind:9.6"], "id": "CVE-2013-3919", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3919", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:45:59", "description": "libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.", "edition": 3, "cvss3": {}, "published": "2013-03-28T16:55:00", "title": "CVE-2013-2266", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2266"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:isc:bind:9.9.2", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.9.3", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.8.2", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.8.5", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.8.4"], "id": "CVE-2013-2266", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2266", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:12", "description": "The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.", "edition": 3, "cvss3": {}, "published": "2014-01-14T04:29:00", "title": "CVE-2014-0591", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0591"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.7", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.8.6", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.9.4", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.8.2", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.8.5", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.8.4", "cpe:/a:isc:bind:9.6.2"], "id": "CVE-2014-0591", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0591", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:12", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2014-0591", "CVE-2013-4854"], "description": "[32:9.8.2-0.23.rc1.1]\n- Fix CVE-2014-0591\n[32:9.8.2-0.23.rc1]\n- Fix gssapictx memory leak (#911167)\n[32:9.8.2-0.22.rc1]\n- fix CVE-2013-4854\n[32:9.8.2-0.21.rc1]\n- fix CVE-2013-2266\n- ship dns/rrl.h in -devel subpkg\n[32:9.8.2-0.20.rc1]\n- remove one bogus file from /usr/share/doc, introduced by RRL patch\n[32:9.8.2-0.19.rc1]\n- fix CVE-2012-5689\n[32:9.8.2-0.18.rc1]\n- add response rate limit patch (#873624)", "edition": 4, "modified": "2014-01-20T00:00:00", "published": "2014-01-20T00:00:00", "id": "ELSA-2014-0043", "href": "http://linux.oracle.com/errata/ELSA-2014-0043.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2266", "CVE-2014-0591", "CVE-2013-4854"], "description": "[32:9.7.0-21.P2]\r\n- Fix CVE-2014-0591\r\n \n[32:9.7.0-20.P2]\r\n- Fix init script to not unmount filesystem when ROOTDIR is empty (#1059118)\r\n \n[32:9.7.0-19.P2]\r\n- fix for CVE-2013-4854\r\n \n[32:9.7.0-18.P2]\r\n- fix CVE-2013-2266\r\n ", "edition": 4, "modified": "2014-09-17T00:00:00", "published": "2014-09-17T00:00:00", "id": "ELSA-2014-1244", "href": "http://linux.oracle.com/errata/ELSA-2014-1244.html", "title": "bind97 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:11", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689", "CVE-2012-3817", "CVE-2012-5688", "CVE-2012-5166", "CVE-2012-4244"], "description": "[32:9.8.2-0.17.rc1.0.2.el6.3]\r\n- bump up version and rebuild\r\n \n[32:9.8.2-0.17.rc1.0.1.el6.3]\r\n- add rrl.h into include dirs\r\n \n[32:9.8.2-0.27.rc1.3]\r\n- remove one bogus file from /usr/share/doc, introduced by RRL patch\r\n \n[32:9.8.2-0.17.rc1.2]\r\n- fix CVE-2012-5689\r\n \n[32:9.8.2-0.17.rc1.1]\r\n- add response rate limit patch (#873624)\r\n \n[32:9.8.2-0.17.rc1]\r\n- fix CVE-2012-5688\r\n \n[32:9.8.2-0.16.rc1]\r\n- initscript: silence spurious \"named.pid: No such file\" error\r\n \n[32:9.8.2-0.15.rc1]\r\n- fix CVE-2012-5166\r\n \n[32:9.8.2-0.14.rc1]\r\n- allow forward{,ers} statement in static-stub zones\r\n \n[32:9.8.2-0.13.rc1]\r\n- fix CVE-2012-4244\r\n \n[32:9.8.2-0.12.rc1]\r\n- fix CVE-2012-3817\r\n \n[32:9.8.2-0.11.rc1]\r\n- fix rbtnode.deadlink INSIST failures in rbtdb.c (#837165)", "edition": 4, "modified": "2013-02-28T00:00:00", "published": "2013-02-28T00:00:00", "id": "ELSA-2013-0550", "href": "http://linux.oracle.com/errata/ELSA-2013-0550.html", "title": "bind security and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:37", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "[32:9.8.2-0.10.rc1.6]\n- fix CVE-2012-5688", "edition": 4, "modified": "2012-12-06T00:00:00", "published": "2012-12-06T00:00:00", "id": "ELSA-2012-1549", "href": "http://linux.oracle.com/errata/ELSA-2012-1549.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "[32:9.8.2-0.17.rc1.0.2.el6_4.5]\n- bump release and build for ULN\n[32:9.8.2-0.17.rc1.5]\n- fix CVE-2013-4854", "edition": 4, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "ELSA-2013-1114", "href": "http://linux.oracle.com/errata/ELSA-2013-1114.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "[32:9.7.0-17.P2.2]\n- fix for CVE-2013-4854", "edition": 4, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "ELSA-2013-1115", "href": "http://linux.oracle.com/errata/ELSA-2013-1115.html", "title": "bind97 security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2020-04-06T22:40:43", "bulletinFamily": "software", "cvelist": ["CVE-2012-5689"], "description": "\nF5 Product Development has assigned ID 409587 (BIG-IP and Enterprise Manager) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.2.x - 11.3.x \n | 11.4.0 - 11.5.1 \n11.0.0 - 11.1.0 \n10.0.0 - 10.2.4 \n9.0.0 - 9.6.1 | BIND \nBIG-IP AAM | None | 11.4.0 - 11.5.1 | None \nBIG-IP AFM | None | 11.3.0 - 11.5.1 | None \nBIG-IP Analytics | None | 11.0.0 - 11.5.1 | None \nBIG-IP APM | None | 11.0.0 - 11.4.0 \n10.1.0 - 10.2.4 | None \nBIG-IP ASM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n9.2.0 - 9.4.8 | None \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None \nBIG-IP GTM | 11.2.x - 11.3.x | 11.4.0 - 11.5.1 \n11.0.0 - 11.1.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 | BIND \nBIG-IP Link Controller | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 | None \nBIG-IP PEM | None | 11.3.0 - 11.5.1 | None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 \n9.4.5 - 9.4.8 | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.4.0 - 9.4.8 | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None \nARX | None | 6.0.0 - 6.4.0 \n5.0.0 - 5.3.1 | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.0.0 - 2.3.0 \n1.6.0 - 1.8.0 | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | None\n\nIf using DNS64 and RPZs together, you can mitigate this vulnerability by verifying that the RPZ contains an AAAA rewrite rule for every A rewrite rule in the zone. If the RPZ provides an AAAA answer without the assistance of DNS64, the vulnerability is not triggered.\n\n**Note**: For more information about RPZ Rewriting, refer to [Chapter 6. BIND 9 Configuration Reference.](<https://ftp.isc.org/isc/bind9/9.9.7rc1/doc/arm/Bv9ARM.ch06.html>) This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n**Impact of action:** None\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "edition": 1, "modified": "2019-05-08T18:33:00", "published": "2014-07-29T22:36:00", "id": "F5:K14601", "href": "https://support.f5.com/csp/article/K14601", "title": "BIND vulnerability CVE-2012-5689", "type": "f5", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-06-08T00:16:34", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "edition": 1, "description": "\nF5 Product Development has assigned ID 426341 (BIG-IP) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.4.0 \n| 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP AAM | 11.4.0 | 11.4.0 HF3 \n11.4.1 - 11.5.1 | BIND \nBIG-IP AFM | 11.3.0 - 11.4.0 \n| 11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 | BIND \nBIG-IP Analytics | 11.0.0 - 11.4.0 \n| 11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 | BIND \nBIG-IP APM | 11.0.0 - 11.4.0 \n| 10.1.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP ASM | 11.0.0 - 11.4.0 \n| 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 \n| 10.1.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n| BIND \nBIG-IP GTM | 11.0.0 - 11.4.0 \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP Link Controller | 11.0.0 - 11.4.0 \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP PEM | 11.3.0 - 11.4.0 \n| 11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP PSM | 11.0.0 - 11.4.0 \n| 9.4.5 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n| BIND \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n| 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n| BIND \nBIG-IP WOM | 11.0.0 - 11.3.0 \n| 10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n| BIND \nARX | None | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | None | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 \n| None \nFirePass | None | 6.0.0 - 6.1.0 \n7.0.0 \n| None\n\nNone \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n", "modified": "2017-03-14T18:57:00", "published": "2013-08-16T02:48:00", "href": "https://support.f5.com/csp/article/K14613", "id": "F5:K14613", "title": "BIND vulnerability CVE-2013-4854", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:15", "bulletinFamily": "software", "cvelist": ["CVE-2012-5689"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf using DNS64 and RPZs together, you can mitigate this vulnerability by verifying that the RPZ contains an AAAA rewrite rule for every A rewrite rule in the zone. If the RPZ provides an AAAA answer without the assistance of DNS64, the vulnerability is not triggered.\n\n**Note**: For more information about RPZ Rewriting, refer to [Chapter 6. BIND 9 Configuration Reference.](<http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch06.html>) This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n**Impact of action:** None\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n", "modified": "2016-07-25T00:00:00", "published": "2013-08-15T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14601.html", "id": "SOL14601", "title": "SOL14601 - BIND vulnerability CVE-2012-5689", "type": "f5", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-03-19T09:02:05", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "edition": 1, "description": "Recommended action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n", "modified": "2013-08-15T00:00:00", "published": "2013-08-15T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14613.html", "id": "SOL14613", "title": "SOL14613 - BIND vulnerability CVE-2013-4854", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:34", "bulletinFamily": "software", "cvelist": ["CVE-2013-3919"], "edition": 1, "description": "\nF5 Product Development has assigned ID 422631 (BIG-IP and Enterprise Manager) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | None \n| 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n \n| None \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | None | 11.3.0 - 11.4.0 | None \nBIG-IP Analytics | None | 11.0.0 - 11.4.0 | None \nBIG-IP APM | None | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 | None \nBIG-IP ASM | None | 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 | None \nBIG-IP Edge Gateway \n| None | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP GTM | None | 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 | None \nBIG-IP Link Controller | None \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP PEM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP PSM | None | 9.4.5 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 | None \nBIG-IP WebAccelerator | None | 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 | None \nBIG-IP WOM | None | 10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 | None \nARX | None | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 | None \nEnterprise Manager | None | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 | None \nFirePass | None | 6.0.0 - 6.1.0 \n7.0.0 | None\n\nNone \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n", "modified": "2017-03-14T18:57:00", "published": "2013-08-16T01:01:00", "href": "https://support.f5.com/csp/article/K14600", "id": "F5:K14600", "type": "f5", "title": "BIND vulnerability CVE-2013-3919", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:23", "bulletinFamily": "software", "cvelist": ["CVE-2013-2266"], "edition": 1, "description": "\nF5 Product Development has assigned ID 416636 (BIG-IP) and ID 417643 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/services/customer-support/ihealth/>) may list Heuristic H416770 on the **Diagnostics **> **Identified **> **High **screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.3.0 \n \n| 11.4.0 \n10.0.0 - 10.2.4 \n9.0.0 - 9.6.1 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 \n| BIND \n \nBIG-IP AAM | None \n| 11.4.0 \n| None \n \nBIG-IP AFM | 11.3.0 \n| 11.4.0 \n11.3.0 HF4 \n| BIND \nBIG-IP Analytics | 11.0.0 - 11.3.0 \n| 11.4.0 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 | BIND \nBIG-IP APM | 11.0.0 - 11.3.0 \n| 11.4.0 \n10.1.0 - 10.2.4 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 \n| BIND \nBIG-IP ASM | 11.0.0 - 11.3.0 | 11.4.0 \n10.0.0 - 10.2.4 \n9.2.0 - 9.4.8 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 | BIND \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 | 11.4.0 \n10.1.0 - 10.2.4 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 \n| BIND \nBIG-IP GTM | 11.0.0 - 11.3.0 | 11.4.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 | BIND \nBIG-IP Link Controller | 11.0.0 - 11.3.0 \n| 11.4.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 \n| BIND \nBIG-IP PEM | 11.3.0 \n| 11.4.0 \n11.3.0 HF4 | BIND \nBIG-IP PSM | 11.0.0 - 11.3.0 | 11.4.0 \n10.0.0 - 10.2.4 \n9.4.5 - 9.4.8 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 | BIND \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 | 10.0.0 - 10.2.4 \n9.4.0 - 9.4.8 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 | BIND \nBIG-IP WOM | 11.0.0 - 11.3.0 | 10.0.0 - 10.2.4 \n11.1.0 HF7 \n11.2.0 HF5 \n11.2.1 HF5 \n11.3.0 HF4 | BIND \nARX | None | 6.0.0 - 6.4.0 \n5.0.0 - 5.3.1 \n| None \nEnterprise Manager | 3.0.0 - 3.1.0 | 3.1.1 \n2.0.0 - 2.3.0 \n1.6.0 - 1.8.0 \n| BIND \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| None\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the table.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2017-03-14T18:57:00", "published": "2013-05-02T03:27:00", "href": "https://support.f5.com/csp/article/K14386", "id": "F5:K14386", "title": "BIND vulnerability CVE-2013-2266", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:07", "bulletinFamily": "software", "cvelist": ["CVE-2013-3919"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL6845: Managing BIG-IP product hotfixes (9.x)\n", "modified": "2016-07-25T00:00:00", "published": "2013-08-15T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14600.html", "id": "SOL14600", "title": "SOL14600 - BIND vulnerability CVE-2013-3919", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:22:58", "bulletinFamily": "software", "cvelist": ["CVE-2013-2266"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the table.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2016-07-25T00:00:00", "published": "2013-05-01T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14386.html", "id": "SOL14386", "title": "SOL14386 - BIND vulnerability CVE-2013-2266", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:22:51", "bulletinFamily": "software", "cvelist": ["CVE-2014-0591"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2014-04-03T00:00:00", "published": "2014-04-03T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15133.html", "id": "SOL15133", "title": "SOL15133 - BIND vulnerability CVE-2014-0591", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:26", "bulletinFamily": "software", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "edition": 1, "description": "\nF5 Product Development has assigned ID 400789 (BIG-IP and Enterprise Manager) to this vulnerability. To find out whether F5 has determined that your release is vulnerable, and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table: \n\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \n \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP Analytics | 11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 | 11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP APM | 10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP ASM | 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 | 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP Edge Gateway \n| 10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 | 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP GTM | 9.2.2 - 9.4.8 \n10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP Link Controller | 9.2.2 - 9.4.8 \n10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP PEM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP PSM | 9.4.5 - 9.4.8 \n10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP WebAccelerator | None \n| 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nBIG-IP WOM | None \n| 10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nARX | None | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 | 3.1.1 \n| BIND DNS server \nFirePass | None | 6.0.0 - 6.1.0 \n7.0.0 \n| None\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\nTo mitigate this vulnerability, you can disable recursion of the DNS server. To do so, perform the following procedure:\n\n**Impact of action:** The BIG-IP system will not be able to perform recursive lookups and may cause DNS lookup failures. BIG-IP GTM functionality may be impacted. \n\n\n 1. Log in to the BIG-IP system command line. \n\n 2. Using a text editor, such as vi, edit the **/var/named/etc/named.conf **file. \n\n 3. Add the following line to the options section: \n \nrecursion no; \n\n 4. Save the file. \n 5. To load the new configuration, type the following command: \n \nrndc reload\n\n * [CVE-2012-5166](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166>)\n\n**Note:** This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * [CVE 2012-4244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244>)\n\n**Note:** This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2016-01-09T02:30:00", "published": "2013-02-11T21:20:00", "id": "F5:K14201", "href": "https://support.f5.com/csp/article/K14201", "title": "BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-06T13:23:24", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix CVE-2014-8500 (#1171973)\n\n - Use /dev/urandom when generating rndc.key file (#951255)\n\n - Remove bogus file from /usr/share/doc, introduced by fix\n for bug #1092035\n\n - Add support for TLSA resource records (#956685)\n\n - Increase defaults for lwresd workers and make workers\n and client objects number configurable (#1092035)\n\n - Fix segmentation fault in nsupdate when -r option is\n used (#1064045)\n\n - Fix race condition on send buffer in host tool when\n sending UDP query (#1008827)\n\n - Allow authentication using TSIG in allow-notify\n configuration statement (#1044545)\n\n - Fix SELinux context of /var/named/chroot/etc/localtime\n (#902431)\n\n - Include updated named.ca file with root server addresses\n (#917356)\n\n - Don't generate rndc.key if there is rndc.conf on\n start-up (#997743)\n\n - Fix dig man page regarding how to disable IDN (#1023045)\n\n - Handle ICMP Destination unreachable (Protocol\n unreachable) response (#1066876)\n\n - Configure BIND with --with-dlopen=yes to support\n dynamically loadable DLZ drivers (#846065)\n\n - Fix initscript to return correct exit value when calling\n checkconfig/configtest/check/test (#848033)\n\n - Don't (un)mount chroot filesystem when running\n initscript command configtest with running server\n (#851123)\n\n - Fix zone2sqlite tool to accept zones containing '.' or\n '-' or starting with a digit (#919414)\n\n - Fix initscript not to mount chroot filesystem is named\n is already running (#948743)\n\n - Fix initscript to check if the PID in PID-file is really\n s PID of running named server (#980632)\n\n - Correct the installed documentation ownership (#1051283)\n\n - configure with --enable-filter-aaaa to enable use of\n filter-aaaa-on-v4 option (#1025008)\n\n - Fix race condition when destroying a resolver fetch\n object (#993612)\n\n - Fix the RRL functionality to include\n referrals-per-second and nodata-per-second options\n (#1036700)\n\n - Fix segfault on SERVFAIL to NXDOMAIN failover (#919545)\n\n - Fix (CVE-2014-0591)\n\n - Fix gssapictx memory leak (#911167)\n\n - fix (CVE-2013-4854)\n\n - fix (CVE-2013-2266)\n\n - ship dns/rrl.h in -devel subpkg\n\n - remove one bogus file from /usr/share/doc, introduced by\n RRL patch\n\n - fix (CVE-2012-5689)\n\n - add response rate limit patch (#873624)", "edition": 28, "published": "2014-12-26T00:00:00", "title": "OracleVM 3.3 : bind (OVMSA-2014-0084)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2014-0591", "CVE-2014-8500", "CVE-2013-4854"], "modified": "2014-12-26T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:bind-utils", "cpe:/o:oracle:vm_server:3.3", "p-cpe:/a:oracle:vm:bind-libs"], "id": "ORACLEVM_OVMSA-2014-0084.NASL", "href": "https://www.tenable.com/plugins/nessus/80247", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2014-0084.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80247);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5689\", \"CVE-2013-2266\", \"CVE-2013-4854\", \"CVE-2014-0591\", \"CVE-2014-8500\");\n script_bugtraq_id(57556, 58736, 61479, 64801, 71590);\n\n script_name(english:\"OracleVM 3.3 : bind (OVMSA-2014-0084)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix CVE-2014-8500 (#1171973)\n\n - Use /dev/urandom when generating rndc.key file (#951255)\n\n - Remove bogus file from /usr/share/doc, introduced by fix\n for bug #1092035\n\n - Add support for TLSA resource records (#956685)\n\n - Increase defaults for lwresd workers and make workers\n and client objects number configurable (#1092035)\n\n - Fix segmentation fault in nsupdate when -r option is\n used (#1064045)\n\n - Fix race condition on send buffer in host tool when\n sending UDP query (#1008827)\n\n - Allow authentication using TSIG in allow-notify\n configuration statement (#1044545)\n\n - Fix SELinux context of /var/named/chroot/etc/localtime\n (#902431)\n\n - Include updated named.ca file with root server addresses\n (#917356)\n\n - Don't generate rndc.key if there is rndc.conf on\n start-up (#997743)\n\n - Fix dig man page regarding how to disable IDN (#1023045)\n\n - Handle ICMP Destination unreachable (Protocol\n unreachable) response (#1066876)\n\n - Configure BIND with --with-dlopen=yes to support\n dynamically loadable DLZ drivers (#846065)\n\n - Fix initscript to return correct exit value when calling\n checkconfig/configtest/check/test (#848033)\n\n - Don't (un)mount chroot filesystem when running\n initscript command configtest with running server\n (#851123)\n\n - Fix zone2sqlite tool to accept zones containing '.' or\n '-' or starting with a digit (#919414)\n\n - Fix initscript not to mount chroot filesystem is named\n is already running (#948743)\n\n - Fix initscript to check if the PID in PID-file is really\n s PID of running named server (#980632)\n\n - Correct the installed documentation ownership (#1051283)\n\n - configure with --enable-filter-aaaa to enable use of\n filter-aaaa-on-v4 option (#1025008)\n\n - Fix race condition when destroying a resolver fetch\n object (#993612)\n\n - Fix the RRL functionality to include\n referrals-per-second and nodata-per-second options\n (#1036700)\n\n - Fix segfault on SERVFAIL to NXDOMAIN failover (#919545)\n\n - Fix (CVE-2014-0591)\n\n - Fix gssapictx memory leak (#911167)\n\n - fix (CVE-2013-4854)\n\n - fix (CVE-2013-2266)\n\n - ship dns/rrl.h in -devel subpkg\n\n - remove one bogus file from /usr/share/doc, introduced by\n RRL patch\n\n - fix (CVE-2012-5689)\n\n - add response rate limit patch (#873624)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2014-December/000250.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f3bc143\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind-libs / bind-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-libs-9.8.2-0.30.rc1.el6_6.1\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-utils-9.8.2-0.30.rc1.el6_6.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind-libs / bind-utils\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:21:55", "description": "According to its self-reported version number, the remote installation\nof BIND can be forced to crash via maliciously crafted DNS requests. \n\nNote that this vulnerability only affects installs using the 'dns64'\nconfiguration option. \n \nFurther note that Nessus has only relied on the version itself and has\nnot attempted to determine whether or not the install is actually\naffected.", "edition": 26, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2018-01-18T00:00:00", "title": "ISC BIND 9 DNS64 Handling DoS (CVE-2012-5689)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_993.NASL", "href": "https://www.tenable.com/plugins/nessus/106136", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106136);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(57556);\n\n script_name(english:\"ISC BIND 9 DNS64 Handling DoS (CVE-2012-5689)\");\n script_summary(english:\"Checks version of BIND\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is prone to a denial of service attack.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote installation\nof BIND can be forced to crash via maliciously crafted DNS requests. \n\nNote that this vulnerability only affects installs using the 'dns64'\nconfiguration option. \n \nFurther note that Nessus has only relied on the version itself and has\nnot attempted to determine whether or not the install is actually\naffected.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/docs/aa-00855\");\n script_set_attribute(attribute:\"see_also\", value:\"http://ftp.isc.org/isc/bind9/9.8.5/CHANGES\");\n script_set_attribute(attribute:\"see_also\", value:\"http://ftp.isc.org/isc/bind9/9.9.3/CHANGES\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to BIND 9.8.5 / 9.9.3 or later. Alternatively, disable\nDNS64 functionality via configuration options.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5689\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nver = get_kb_item_or_exit(\"bind/version\");\n\n# Check whether BIND is vulnerable, and recommend an upgrade.\n# Vuln 9.8.0 < 9.8.5 and 9.9.0 < 9.9.3\nfix = NULL;\n\n# Vuln 9.8.0 < 9.8.5\nif (ver =~ \"^9\\.8\\.[0-4]($|[^0-9])\")\n fix = '9.8.5';\n# Vuln 9.9.0 < 9.9.3\nelse if (ver =~ \"^9\\.9\\.[0-2]($|[^0-9])\")\n fix = '9.9.3';\nelse\n audit(AUDIT_LISTEN_NOT_VULN, \"BIND\", 53, ver, \"UDP\");\n\nitems = make_array(\n \"Installed version\", ver,\n \"Fixed version\", fix\n);\norder = make_list(\"Installed version\", \"Fixed version\");\nsecurity_report_v4(\n severity:SECURITY_HOLE,\n port:53,\n proto:\"udp\",\n extra:report_items_str(\n report_items:items,\n ordered_fields:order\n )\n);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T16:33:56", "description": "bind was updated to 9.8.4-P2 to fix security problems and bugs.\n\nSecurity Fixes Removed the check for regex.h in configure in order to\ndisable regex syntax checking, as it exposes BIND to a critical flaw\nin libregex on some platforms. [CVE-2013-2266] [RT #32688]\nhttps://kb.isc.org/article/AA-00871 (bnc#811876) Prevents named from\naborting with a require assertion failure on servers with DNS64\nenabled. These crashes might occur as a result of specific queries\nthat are received. (Note that this fix is a subset of a series of\nupdates that will be included in full in BIND 9.8.5 and 9.9.3 as\nchange #3388, RT #30996). [CVE-2012-5688] [RT #30792] A deliberately\nconstructed combination of records could cause named to hang while\npopulating the additional section of a response. [CVE-2012-5166] [RT\n#31090] Prevents a named assert (crash) when queried for a record\nwhose RDATA exceeds 65535 bytes [CVE-2012-4244] [RT #30416] Prevents a\nnamed assert (crash) when validating caused by using 'Bad cache' data\nbefore it has been initialized. [CVE-2012-3817] [RT #30025] A\ncondition has been corrected where improper handling of zero-length\nRDATA could cause undesirable behavior, including termination of the\nnamed process. [CVE-2012-1667] [RT #29644] New Features Elliptic Curve\nDigital Signature Algorithm keys and signatures in DNSSEC are now\nsupported per RFC 6605. [RT #21918] Feature Changes Improves OpenSSL\nerror logging [RT #29932] nslookup now returns a nonzero exit code\nwhen it is unable to get an answer. [RT #29492] Bug Fixes Uses binary\nmode to open raw files on Windows. [RT #30944] Static-stub zones now\naccept 'forward' and 'fowarders' options (often needed for subdomains\nof the zone referenced to override global forwarding options). These\noptions are already available with traditional stub zones and their\nomission from zones of type 'static-stub' was an inadvertent\noversight. [RT #30482] Limits the TTL of signed RRsets in cache when\ntheir RRSIGs are approaching expiry. This prevents the persistence in\ncache of invalid RRSIGs in order to assist recovery from a situation\nwhere zone re-signing doesn't occur in a timely manner. With this\nchange, named will attempt to obtain new RRSIGs from the authoritative\nserver once the original ones have expired, and even if the TTL of the\nold records would in other circumstances cause them to be kept in\ncache for longer. [RT #26429] Corrects the syntax of isc_atomic_xadd()\nand isc_atomic_cmpxchg() which are employed on Itanium systems to\nspeed up lock management by making use of atomic operations. Without\nthe syntax correction it is possible that concurrent access to the\nsame structures could accidentally occur with unpredictable results.\n[RT #25181] The configure script now supports and detects\nlibxml2-2.8.x correctly [RT #30440] The host command should no longer\nassert on some architectures and builds while handling the time values\nused with the -w (wait forever) option. [RT #18723] Invalid zero\nsettings for max-retry-time, min-retry-time, max-refresh-time,\nmin-refresh-time will now be detected during parsing of named.conf and\nan error emitted instead of triggering an assertion failure on\nstartup. [RT #27730] Removes spurious newlines from log messages in\nzone.c [RT #30675] When built with readline support (i.e. on a system\nwith readline installed) nsupdate no longer terminates unexpectedly in\ninteractive mode. [RT #29550] All named tasks that perform\ntask-exclusive operations now share the same single task. Prior to\nthis change, there was the possibility of a race condition between\nrndc operations and other functions such as re-sizing the adb hash\ntable. If the race condition was encountered, named would in most\ncases terminate unexpectedly with an assert. [RT #29872] Ensures that\nservers are expired from the ADB cache when the timeout limit is\nreached so that their learned attributes can be refreshed. Prior to\nthis change, servers that were frequently queried might never have\ntheir entries removed and reinitialized. This is of particular\nimportance to DNSSEC-validating recursive servers that might\nerroneously set 'no-edns' for an authoritative server following a\nperiod of intermittent connectivity. [RT #29856] Adds additional\nresilience to a previous security change (3218) by preventing RRSIG\ndata from being added to cache when a pseudo-record matching the\ncovering type and proving non-existence exists at a higher trust\nlevel. The earlier change prevented this inconsistent data from being\nretrieved from cache in response to client queries - with this\nadditional change, the RRSIG records are no longer inserted into cache\nat all. [RT #26809] dnssec-settime will now issue a warning when the\nwriting of a new private key file would cause a change in the\npermissions of the existing file. [RT #27724] Fixes the defect\nintroduced by change #3314 that was causing failures when saving stub\nzones to disk (resulting in excessive CPU usage in some cases). [RT\n#29952] It is now possible to using multiple control keys again - this\nfunctionality was inadvertently broken by change #3924 (RT #28265)\nwhich addressed a memory leak. [RT #29694] Setting\nresolver-query-timeout too low could cause named problems recovering\nafter a loss of connectivity. [RT #29623] Reduces the potential\nbuild-up of stale RRsets in cache on a busy recursive nameserver by\nre-using cached DS and RRSIG rrsets when possible [RT #29446] Corrects\na failure to authenticate non-existence of resource records in some\ncircumstances when RPZ has been configured. Also :\n\n - adds an optional 'recursive-only yes|no' to the\n response-policy statement\n\n - adds an optional 'max-policy-ttl' to the response-policy\n statement to limit the false data that 'recursive-only\n no' can introduce into resolvers' caches\n\n - introduces a predefined encoding of PASSTHRU policy by\n adding 'rpz-passthru' to be used as the target of CNAME\n policy records (the old encoding is still accepted.)\n\n - adds a RPZ performance test to bin/tests/system/rpz when\n queryperf is available. [RT #26172]\n Upper-case/lower-case handling of RRSIG signer-names is\n now handled consistently: RRSIG records are generated\n with the signer-name in lower case. They are accepted\n with any case, but if they fail to validate, we try\n again in lower case. [RT #27451]\n\n - Update the IPv4 address of the D root name server.", "edition": 20, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : bind (openSUSE-SU-2013:0605-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2266", "CVE-2012-3817", "CVE-2012-5688", "CVE-2012-3868", "CVE-2012-5166", "CVE-2012-1667", "CVE-2012-4244"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind-debugsource", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-utils", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:bind-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:bind-lwresd", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-utils-debuginfo", "p-cpe:/a:novell:opensuse:bind"], "id": "OPENSUSE-2013-296.NASL", "href": "https://www.tenable.com/plugins/nessus/74953", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-296.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74953);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2012-1667\", \"CVE-2012-3817\", \"CVE-2012-3868\", \"CVE-2012-4244\", \"CVE-2012-5166\", \"CVE-2012-5688\", \"CVE-2013-2266\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2013:0605-1)\");\n script_summary(english:\"Check for the openSUSE-2013-296 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"bind was updated to 9.8.4-P2 to fix security problems and bugs.\n\nSecurity Fixes Removed the check for regex.h in configure in order to\ndisable regex syntax checking, as it exposes BIND to a critical flaw\nin libregex on some platforms. [CVE-2013-2266] [RT #32688]\nhttps://kb.isc.org/article/AA-00871 (bnc#811876) Prevents named from\naborting with a require assertion failure on servers with DNS64\nenabled. These crashes might occur as a result of specific queries\nthat are received. (Note that this fix is a subset of a series of\nupdates that will be included in full in BIND 9.8.5 and 9.9.3 as\nchange #3388, RT #30996). [CVE-2012-5688] [RT #30792] A deliberately\nconstructed combination of records could cause named to hang while\npopulating the additional section of a response. [CVE-2012-5166] [RT\n#31090] Prevents a named assert (crash) when queried for a record\nwhose RDATA exceeds 65535 bytes [CVE-2012-4244] [RT #30416] Prevents a\nnamed assert (crash) when validating caused by using 'Bad cache' data\nbefore it has been initialized. [CVE-2012-3817] [RT #30025] A\ncondition has been corrected where improper handling of zero-length\nRDATA could cause undesirable behavior, including termination of the\nnamed process. [CVE-2012-1667] [RT #29644] New Features Elliptic Curve\nDigital Signature Algorithm keys and signatures in DNSSEC are now\nsupported per RFC 6605. [RT #21918] Feature Changes Improves OpenSSL\nerror logging [RT #29932] nslookup now returns a nonzero exit code\nwhen it is unable to get an answer. [RT #29492] Bug Fixes Uses binary\nmode to open raw files on Windows. [RT #30944] Static-stub zones now\naccept 'forward' and 'fowarders' options (often needed for subdomains\nof the zone referenced to override global forwarding options). These\noptions are already available with traditional stub zones and their\nomission from zones of type 'static-stub' was an inadvertent\noversight. [RT #30482] Limits the TTL of signed RRsets in cache when\ntheir RRSIGs are approaching expiry. This prevents the persistence in\ncache of invalid RRSIGs in order to assist recovery from a situation\nwhere zone re-signing doesn't occur in a timely manner. With this\nchange, named will attempt to obtain new RRSIGs from the authoritative\nserver once the original ones have expired, and even if the TTL of the\nold records would in other circumstances cause them to be kept in\ncache for longer. [RT #26429] Corrects the syntax of isc_atomic_xadd()\nand isc_atomic_cmpxchg() which are employed on Itanium systems to\nspeed up lock management by making use of atomic operations. Without\nthe syntax correction it is possible that concurrent access to the\nsame structures could accidentally occur with unpredictable results.\n[RT #25181] The configure script now supports and detects\nlibxml2-2.8.x correctly [RT #30440] The host command should no longer\nassert on some architectures and builds while handling the time values\nused with the -w (wait forever) option. [RT #18723] Invalid zero\nsettings for max-retry-time, min-retry-time, max-refresh-time,\nmin-refresh-time will now be detected during parsing of named.conf and\nan error emitted instead of triggering an assertion failure on\nstartup. [RT #27730] Removes spurious newlines from log messages in\nzone.c [RT #30675] When built with readline support (i.e. on a system\nwith readline installed) nsupdate no longer terminates unexpectedly in\ninteractive mode. [RT #29550] All named tasks that perform\ntask-exclusive operations now share the same single task. Prior to\nthis change, there was the possibility of a race condition between\nrndc operations and other functions such as re-sizing the adb hash\ntable. If the race condition was encountered, named would in most\ncases terminate unexpectedly with an assert. [RT #29872] Ensures that\nservers are expired from the ADB cache when the timeout limit is\nreached so that their learned attributes can be refreshed. Prior to\nthis change, servers that were frequently queried might never have\ntheir entries removed and reinitialized. This is of particular\nimportance to DNSSEC-validating recursive servers that might\nerroneously set 'no-edns' for an authoritative server following a\nperiod of intermittent connectivity. [RT #29856] Adds additional\nresilience to a previous security change (3218) by preventing RRSIG\ndata from being added to cache when a pseudo-record matching the\ncovering type and proving non-existence exists at a higher trust\nlevel. The earlier change prevented this inconsistent data from being\nretrieved from cache in response to client queries - with this\nadditional change, the RRSIG records are no longer inserted into cache\nat all. [RT #26809] dnssec-settime will now issue a warning when the\nwriting of a new private key file would cause a change in the\npermissions of the existing file. [RT #27724] Fixes the defect\nintroduced by change #3314 that was causing failures when saving stub\nzones to disk (resulting in excessive CPU usage in some cases). [RT\n#29952] It is now possible to using multiple control keys again - this\nfunctionality was inadvertently broken by change #3924 (RT #28265)\nwhich addressed a memory leak. [RT #29694] Setting\nresolver-query-timeout too low could cause named problems recovering\nafter a loss of connectivity. [RT #29623] Reduces the potential\nbuild-up of stale RRsets in cache on a busy recursive nameserver by\nre-using cached DS and RRSIG rrsets when possible [RT #29446] Corrects\na failure to authenticate non-existence of resource records in some\ncircumstances when RPZ has been configured. Also :\n\n - adds an optional 'recursive-only yes|no' to the\n response-policy statement\n\n - adds an optional 'max-policy-ttl' to the response-policy\n statement to limit the false data that 'recursive-only\n no' can introduce into resolvers' caches\n\n - introduces a predefined encoding of PASSTHRU policy by\n adding 'rpz-passthru' to be used as the target of CNAME\n policy records (the old encoding is still accepted.)\n\n - adds a RPZ performance test to bin/tests/system/rpz when\n queryperf is available. [RT #26172]\n Upper-case/lower-case handling of RRSIG signer-names is\n now handled consistently: RRSIG records are generated\n with the signer-name in lower case. They are accepted\n with any case, but if they fail to validate, we try\n again in lower case. [RT #27451]\n\n - Update the IPv4 address of the D root name server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=811876\"\n );\n # https://kb.isc.org/article/AA-00871\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-00871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-04/msg00035.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-chrootenv-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-debuginfo-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-debugsource-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-devel-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-libs-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-libs-debuginfo-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-lwresd-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-lwresd-debuginfo-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-utils-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-utils-debuginfo-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.8.4P2-4.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.8.4P2-4.32.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2021-01-17T09:10:38", "description": "New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1,\n13.37, 14.0, and -current to fix security issues.", "edition": 23, "published": "2012-12-07T00:00:00", "title": "Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2012-341-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3817", "CVE-2012-5688", "CVE-2012-3868", "CVE-2012-5166", "CVE-2012-1667"], "modified": "2012-12-07T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2012-341-01.NASL", "href": "https://www.tenable.com/plugins/nessus/63167", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2012-341-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63167);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1667\", \"CVE-2012-3817\", \"CVE-2012-3868\", \"CVE-2012-5166\", \"CVE-2012-5688\");\n script_xref(name:\"SSA\", value:\"2012-341-01\");\n\n script_name(english:\"Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2012-341-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1,\n13.37, 14.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?059c79a8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.1\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.8.4_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"bind\", pkgver:\"9.9.2_P1\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.2_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.9.2_P1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.2_P1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2021-01-06T09:28:33", "description": "Updated bind packages that fix one security issue and add one\nenhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly. DNS64 is used to automatically generate DNS\nrecords so IPv6 based clients can access IPv4 systems through a NAT64\nserver.\n\nA flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers\nto conduct traffic amplification attacks using DNS queries with\nspoofed source IP addresses. With this update, it is possible to use\nthe new 'rate-limit' configuration option in named.conf and configure\nthe maximum number of queries which the server responds to. Refer to\nthe BIND documentation for more details about the 'rate-limit' option.\n(BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 25, "published": "2013-03-10T00:00:00", "title": "CentOS 6 : bind (CESA-2013:0550)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2013-03-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-devel", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:bind-sdb", "p-cpe:/a:centos:centos:bind-utils", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-chroot"], "id": "CENTOS_RHSA-2013-0550.NASL", "href": "https://www.tenable.com/plugins/nessus/65158", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0550 and \n# CentOS Errata and Security Advisory 2013:0550 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65158);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(57556);\n script_xref(name:\"RHSA\", value:\"2013:0550\");\n\n script_name(english:\"CentOS 6 : bind (CESA-2013:0550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue and add one\nenhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly. DNS64 is used to automatically generate DNS\nrecords so IPv6 based clients can access IPv4 systems through a NAT64\nserver.\n\nA flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers\nto conduct traffic amplification attacks using DNS queries with\nspoofed source IP addresses. With this update, it is possible to use\nthe new 'rate-limit' configuration option in named.conf and configure\nthe maximum number of queries which the server responds to. Refer to\nthe BIND documentation for more details about the 'rate-limit' option.\n(BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019615.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?921f98b3\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-February/000806.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?abdb7dbb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5689\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-devel-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-libs-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-utils-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:18:20", "description": "A flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)", "edition": 23, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : bind (ALAS-2013-158)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bind", "p-cpe:/a:amazon:linux:bind-utils", "p-cpe:/a:amazon:linux:bind-debuginfo", "p-cpe:/a:amazon:linux:bind-sdb", "p-cpe:/a:amazon:linux:bind-devel", "p-cpe:/a:amazon:linux:bind-libs", "p-cpe:/a:amazon:linux:bind-chroot", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-158.NASL", "href": "https://www.tenable.com/plugins/nessus/69717", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-158.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69717);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-5689\");\n script_xref(name:\"ALAS\", value:\"2013-158\");\n script_xref(name:\"RHSA\", value:\"2013:0550\");\n\n script_name(english:\"Amazon Linux AMI : bind (ALAS-2013-158)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-158.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update bind' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"bind-9.8.2-0.17.rc1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-chroot-9.8.2-0.17.rc1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-debuginfo-9.8.2-0.17.rc1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-devel-9.8.2-0.17.rc1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-libs-9.8.2-0.17.rc1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-sdb-9.8.2-0.17.rc1.27.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-utils-9.8.2-0.17.rc1.27.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:57:57", "description": "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain\nconfigurations involving DNS64 with a Response Policy Zone that lacks\nan AAAA rewrite rule, allows remote attackers to cause a denial of\nservice (assertion failure and named daemon exit) via a query for an\nAAAA record.", "edition": 27, "published": "2016-01-28T00:00:00", "title": "F5 Networks BIG-IP : BIND vulnerability (SOL14601)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL14601.NASL", "href": "https://www.tenable.com/plugins/nessus/88432", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL14601.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88432);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(57556);\n\n script_name(english:\"F5 Networks BIG-IP : BIND vulnerability (SOL14601)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain\nconfigurations involving DNS64 with a Response Policy Zone that lacks\nan AAAA rewrite rule, allows remote attackers to cause a denial of\nservice (assertion failure and named daemon exit) via a query for an\nAAAA record.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://ftp.isc.org/isc/bind/9.10.2-P2/doc/arm/Bv9ARM.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K14601\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL14601.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL14601\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.2.0-11.3.99\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.4.0-11.5.1\",\"11.0.0-11.1.0\",\"10.0.0-10.2.4\",\"9.2.2-9.4.8\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.2.0-11.3.99\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.4.0-11.5.1\",\"11.0.0-11.1.0\",\"10.0.0-10.2.4\",\"9.0.0-9.6.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules GTM / LTM\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:47:25", "description": "A flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n - Previously, it was impossible to configure the the\n maximum number of responses sent per second to one\n client. This allowed remote attackers to conduct traffic\n amplification attacks using DNS queries with spoofed\n source IP addresses. With this update, it is possible to\n use the new 'rate-limit' configuration option in\n named.conf and configure the maximum number of queries\n which the server responds to. Refer to the BIND\n documentation for more details about the 'rate-limit'\n option.\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 16, "published": "2013-03-01T00:00:00", "title": "Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20130221)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2013-03-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-debuginfo", "p-cpe:/a:fermilab:scientific_linux:bind-chroot", "p-cpe:/a:fermilab:scientific_linux:bind-utils", "p-cpe:/a:fermilab:scientific_linux:bind-libs", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bind-sdb", "p-cpe:/a:fermilab:scientific_linux:bind"], "id": "SL_20130221_BIND_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/64948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64948);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5689\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20130221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n - Previously, it was impossible to configure the the\n maximum number of responses sent per second to one\n client. This allowed remote attackers to conduct traffic\n amplification attacks using DNS queries with spoofed\n source IP addresses. With this update, it is possible to\n use the new 'rate-limit' configuration option in\n named.conf and configure the maximum number of queries\n which the server responds to. Refer to the BIND\n documentation for more details about the 'rate-limit'\n option.\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1302&L=scientific-linux-errata&T=0&P=5657\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a633ae79\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"bind-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-debuginfo-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:47:47", "description": "From Red Hat Security Advisory 2013:0550 :\n\nUpdated bind packages that fix one security issue and add one\nenhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly. DNS64 is used to automatically generate DNS\nrecords so IPv6 based clients can access IPv4 systems through a NAT64\nserver.\n\nA flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers\nto conduct traffic amplification attacks using DNS queries with\nspoofed source IP addresses. With this update, it is possible to use\nthe new 'rate-limit' configuration option in named.conf and configure\nthe maximum number of queries which the server responds to. Refer to\nthe BIND documentation for more details about the 'rate-limit' option.\n(BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : bind (ELSA-2013-0550)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:bind-libs"], "id": "ORACLELINUX_ELSA-2013-0550.NASL", "href": "https://www.tenable.com/plugins/nessus/68763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0550 and \n# Oracle Linux Security Advisory ELSA-2013-0550 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68763);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(54658, 55522, 55852, 56817, 57556);\n script_xref(name:\"RHSA\", value:\"2013:0550\");\n\n script_name(english:\"Oracle Linux 6 : bind (ELSA-2013-0550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0550 :\n\nUpdated bind packages that fix one security issue and add one\nenhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly. DNS64 is used to automatically generate DNS\nrecords so IPv6 based clients can access IPv4 systems through a NAT64\nserver.\n\nA flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers\nto conduct traffic amplification attacks using DNS queries with\nspoofed source IP addresses. With this update, it is possible to use\nthe new 'rate-limit' configuration option in named.conf and configure\nthe maximum number of queries which the server responds to. Refer to\nthe BIND documentation for more details about the 'rate-limit' option.\n(BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003310.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"bind-9.8.2-0.17.rc1.0.2.el6.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-chroot-9.8.2-0.17.rc1.0.2.el6.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-devel-9.8.2-0.17.rc1.0.2.el6.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-libs-9.8.2-0.17.rc1.0.2.el6.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-sdb-9.8.2-0.17.rc1.0.2.el6.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-utils-9.8.2-0.17.rc1.0.2.el6.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:12:05", "description": "Updated bind packages that fix one security issue and add one\nenhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly. DNS64 is used to automatically generate DNS\nrecords so IPv6 based clients can access IPv4 systems through a NAT64\nserver.\n\nA flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers\nto conduct traffic amplification attacks using DNS queries with\nspoofed source IP addresses. With this update, it is possible to use\nthe new 'rate-limit' configuration option in named.conf and configure\nthe maximum number of queries which the server responds to. Refer to\nthe BIND documentation for more details about the 'rate-limit' option.\n(BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 26, "published": "2013-02-22T00:00:00", "title": "RHEL 6 : bind (RHSA-2013:0550)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5689"], "modified": "2013-02-22T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-debuginfo"], "id": "REDHAT-RHSA-2013-0550.NASL", "href": "https://www.tenable.com/plugins/nessus/64793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0550. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64793);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5689\");\n script_bugtraq_id(57556);\n script_xref(name:\"RHSA\", value:\"2013:0550\");\n\n script_name(english:\"RHEL 6 : bind (RHSA-2013:0550)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue and add one\nenhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly. DNS64 is used to automatically generate DNS\nrecords so IPv6 based clients can access IPv4 systems through a NAT64\nserver.\n\nA flaw was found in the DNS64 implementation in BIND when using\nResponse Policy Zones (RPZ). If a remote attacker sent a specially\ncrafted query to a named server that is using RPZ rewrite rules, named\ncould exit unexpectedly with an assertion failure. Note that DNS64\nsupport is not enabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement :\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers\nto conduct traffic amplification attacks using DNS queries with\nspoofed source IP addresses. With this update, it is possible to use\nthe new 'rate-limit' configuration option in named.conf and configure\nthe maximum number of queries which the server responds to. Refer to\nthe BIND documentation for more details about the 'rate-limit' option.\n(BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # http://www.isc.org/software/bind/advisories/cve-2012-5689\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1cfb8b27\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5689\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0550\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-debuginfo-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-devel-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-libs-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-utils-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-utils-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-utils-9.8.2-0.17.rc1.el6.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2266", "CVE-2013-3919", "CVE-2013-4854"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2013-08-04T00:13:45", "published": "2013-08-04T00:13:45", "id": "FEDORA:C1FBF26597", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: bind-9.9.3-4.P2.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854", "CVE-2014-0591"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2014-01-18T04:21:45", "published": "2014-01-18T04:21:45", "id": "FEDORA:39DB62120F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: bind-9.9.3-14.P2.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854", "CVE-2014-0591", "CVE-2014-8500"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-01-06T06:13:56", "published": "2015-01-06T06:13:56", "id": "FEDORA:0A72460CC887", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: bind-9.9.3-16.P2.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2012-12-10T07:10:53", "published": "2012-12-10T07:10:53", "id": "FEDORA:1EF0120940", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: bind-9.9.2-5.P1.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2013-08-02T22:04:32", "published": "2013-08-02T22:04:32", "id": "FEDORA:DF88222B91", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: bind-9.9.3-5.P2.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "seebug": [{"lastseen": "2017-11-19T17:46:36", "description": "Bugtraq ID:58736\r\nCVE ID:CVE-2013-2266\r\n\r\nISC BIND\u662f\u4e00\u6b3eDNS\u534f\u8bae\u7684\u5b9e\u73b0\r\n\r\nISC BIND\u5b58\u5728\u4e00\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\uff0c\u4f7f\u76ee\u6807named\u670d\u52a1\u5728\u5904\u7406\u89c4\u5219\u8868\u8fbe\u5f0f\u65f6\u6d88\u8017\u5927\u91cf\u5185\u5b58\uff0c\u9020\u6210\u7cfb\u7edf\u5d29\u6e83\u3002\r\nBIND 9.6.x\u548c10.x\u4e0d\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\u3002\u6b64\u5916\u6b64\u6f0f\u6d1e\u4ec5\u5f71\u54cdunix\u53ca\u76f8\u5173\u7684\u64cd\u4f5c\u7cfb\u7edf\uff0c\u57fa\u4e8ewindows\u7684\u7248\u672c\u4e0d\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\u3002\r\n0\r\nISC BIND 9.7.x, 9.8.0 -> 9.8.5b1, 9.9.0 -> 9.9.3b1\r\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\nISC BIND 9.8.4-P2, 9.9.2-P\u53ca\u66f4\u6539\u7248\u672c\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttps://www.isc.org/software/bind", "published": "2013-03-29T00:00:00", "title": "ISC BIND 9 'libdns' \u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e(CVE-2013-2266)", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-2266"], "modified": "2013-03-29T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60714", "id": "SSV:60714", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:47:23", "description": "BUGTRAQ ID: 57556\r\nCVE(CAN) ID: CVE-2012-5689\r\n\r\nBIND\u662f\u4e00\u4e2a\u5e94\u7528\u975e\u5e38\u5e7f\u6cdb\u7684DNS\u534f\u8bae\u7684\u5b9e\u73b0\u3002\r\n\r\nISC BIND 9.8.x\u30019.9.x\u5728\u67d0\u4e9b\u914d\u7f6e\u4e2d\uff0cDNS64\u7684\u54cd\u5e94\u7b56\u7565\u533a\u57df\u7f3a\u5c11AAAA\u91cd\u5199\u89c4\u5219\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7AAAA\u8bb0\u5f55\u67e5\u8be2\uff0c\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u65ad\u8a00\u5931\u8d25\u5e76\u9000\u51fa\u6307\u5b9a\u7a0b\u5e8f\uff09\u3002\n0\nISC BIND 9.9.x\r\nISC BIND 9.8.x\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n2013\u5e741\u670824\u65e5\u5382\u5546\u5df2\u7ecf\u53d1\u5e03beta\u7248\u672c\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002\u5982\u679c\u60a8\u4e0d\u80fd\u7acb\u523b\u5b89\u88c5\u8865\u4e01\u6216\u8005\u5347\u7ea7\uff0cNSFOCUS\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n* \u786e\u4fddRPZ\u5305\u542b\u6bcf\u4e2aA\u91cd\u5199\u89c4\u5219\u7684AAAA\u91cd\u5199\u89c4\u5219\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nISC\r\n---\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.isc.org/software/bind/advisories/", "published": "2013-01-30T00:00:00", "title": "ISC BIND 9 DNS64 \u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-5689"], "modified": "2013-01-30T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60609", "id": "SSV:60609", "sourceData": "", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:48:21", "description": "BUGTRAQ ID: 56817\r\nCVE(CAN) ID: CVE-2012-5688\r\n\r\nBIND\u662f\u4e00\u4e2a\u5e94\u7528\u975e\u5e38\u5e7f\u6cdb\u7684DNS\u534f\u8bae\u7684\u5b9e\u73b0\u3002\r\n\r\nISC BIND 9.8.0\u53ca\u66f4\u9ad8\u7248\u672c\u652f\u6301 DNS64 IPv6\u8f6c\u6362\u673a\u5236\uff0c\u5982\u679c\u542f\u7528\u4e86dns64\u914d\u7f6e\u72b6\u6001\uff0cBIND 9\u57df\u540d\u670d\u52a1\u5668\u5728\u89e3\u6790\u7279\u5236\u7684\u8bf7\u6c42\u65f6\uff0c\u4f1a\u89e6\u53d1REQUIRE\u65ad\u8a00\u5931\u8d25\uff0c\u9020\u6210\u670d\u52a1\u5668\u5d29\u6e83\u3002\u6b64\u6f0f\u6d1e\u53ef\u88ab\u8fdc\u7a0b\u5229\u7528\uff0c9.8.0\u4e4b\u524d\u7248\u672c\u3001\u4e0d\u542f\u7528DNS64\u65f6\u4e0d\u53d7\u6b64\u6f0f\u6d1e\u7684\u5f71\u54cd\u3002\n0\nISC BIND 9.9.0->9.9.2\r\nISC BIND 9.8.0->9.8.4\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5bf9\u4e8e\u542f\u7528\u4e86DNS64\u7684BIND 9\u670d\u52a1\u5668\uff0c\u7981\u6b62\u63a5\u53d7\u6765\u81ea\u53ef\u7591\u5ba2\u6237\u7aef\u7684\u8bf7\u6c42\u3002\u6216\u8005\u7981\u7528DNS64\u3001\u5347\u7ea7\u5230\u5df2\u4fee\u590d\u8865\u4e01\u7684\u7248\u672c\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nISC\r\n---\r\nISC\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08AA-00828\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nAA-00828\uff1aCVE-2012-5688: BIND 9 servers using DNS64 can be crashed by a crafted query\r\n\r\n\u94fe\u63a5\uff1ahttps://kb.isc.org/article/AA-00828\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1ahttp://www.isc.org/downloads/all.\r\n\r\nBIND 9 version 9.8.4-P1\r\nBIND 9 version 9.9.2-P1", "published": "2012-12-11T00:00:00", "title": "ISC BIND 9 DNS64 REQUIRE\u65ad\u8a00\u5931\u8d25\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-5688"], "modified": "2012-12-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60500", "id": "SSV:60500", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "slackware": [{"lastseen": "2020-10-25T16:35:53", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1667", "CVE-2012-3817", "CVE-2012-3868", "CVE-2012-5166", "CVE-2012-5688"], "description": "New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded.\n IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to\n 9.8.4_P1 since the 9.7 series is no longer supported. It is\n possible that some changes may be required to your local\n configuration.\n This release addresses some denial-of-service and other bugs.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 package:\n2df945fd92d480df98711992180cdd70 bind-9.8.4_P1-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddf762702befde00ab86cda1a5766bbd bind-9.8.4_P1-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\nb6c9a8f1262bd39db2dd77034f58e568 bind-9.8.4_P1-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nb35c20ad9778035c7e04ef2944375608 bind-9.8.4_P1-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\na6b061aeb84003ea7b6ddcc157e0db65 bind-9.8.4_P1-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n54ee26b4924ab502eedfd024d83db20e bind-9.8.4_P1-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n04d40ede0a96160e79767bf995469773 bind-9.8.4_P1-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nf4635df06e3c0f62f035d00e15b0f5fb bind-9.8.4_P1-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n66612ea03941fc8ef5ef21409ecc6fe3 bind-9.9.2_P1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n6f664fe7e955c0dbe806a63ad9212c00 bind-9.9.2_P1-x86_64-1_slack14.0.txz\n\nSlackware -current package:\n83bc10ca67bede66bf742a7d0ab6e628 n/bind-9.9.2_P1-i486-1.txz\n\nSlackware x86_64 -current package:\n4a539dd88ef3637eee56693c037a3dc8 n/bind-9.9.2_P1-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "modified": "2012-12-07T03:50:45", "published": "2012-12-07T03:50:45", "id": "SSA-2012-341-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "centos": [{"lastseen": "2020-10-30T13:24:12", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0550\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\nDNS64 is used to automatically generate DNS records so IPv6 based clients\ncan access IPv4 systems through a NAT64 server.\n\nA flaw was found in the DNS64 implementation in BIND when using Response\nPolicy Zones (RPZ). If a remote attacker sent a specially-crafted query to\na named server that is using RPZ rewrite rules, named could exit\nunexpectedly with an assertion failure. Note that DNS64 support is not\nenabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement:\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers to\nconduct traffic amplification attacks using DNS queries with spoofed source\nIP addresses. With this update, it is possible to use the new \"rate-limit\"\nconfiguration option in named.conf and configure the maximum number of\nqueries which the server responds to. Refer to the BIND documentation for\nmore details about the \"rate-limit\" option. (BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031653.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-February/007006.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-sdb\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0550.html", "edition": 7, "modified": "2013-03-09T00:44:51", "published": "2013-02-27T20:09:16", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-February/007006.html", "id": "CESA-2013:0550", "title": "bind security update", "type": "centos", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:26:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1549\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. DNS64 is\nused to automatically generate DNS records so IPv6 based clients can access\nIPv4 systems through a NAT64 server.\n\nA flaw was found in the DNS64 implementation in BIND. If a remote attacker\nsent a specially-crafted query to a named server, named could exit\nunexpectedly with an assertion failure. Note that DNS64 support is not\nenabled by default. (CVE-2012-5688)\n\nUsers of bind are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-December/031063.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-sdb\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1549.html", "edition": 3, "modified": "2012-12-06T22:45:49", "published": "2012-12-06T22:45:49", "href": "http://lists.centos.org/pipermail/centos-announce/2012-December/031063.html", "id": "CESA-2012:1549", "title": "bind security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:28:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1115\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-July/031918.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1115.html", "edition": 3, "modified": "2013-07-30T04:50:14", "published": "2013-07-30T04:50:14", "href": "http://lists.centos.org/pipermail/centos-announce/2013-July/031918.html", "id": "CESA-2013:1115", "title": "bind97 security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:28:45", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1114\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-July/031917.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-sdb\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1114.html", "edition": 3, "modified": "2013-07-30T04:35:38", "published": "2013-07-30T04:35:38", "href": "http://lists.centos.org/pipermail/centos-announce/2013-July/031917.html", "id": "CESA-2013:1114", "title": "bind security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:35:17", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689"], "description": "**Issue Overview:**\n\nA flaw was found in the DNS64 implementation in BIND when using Response Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. ([CVE-2012-5689 __](<https://access.redhat.com/security/cve/CVE-2012-5689>))\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-sdb-9.8.2-0.17.rc1.27.amzn1.i686 \n bind-9.8.2-0.17.rc1.27.amzn1.i686 \n bind-utils-9.8.2-0.17.rc1.27.amzn1.i686 \n bind-chroot-9.8.2-0.17.rc1.27.amzn1.i686 \n bind-debuginfo-9.8.2-0.17.rc1.27.amzn1.i686 \n bind-devel-9.8.2-0.17.rc1.27.amzn1.i686 \n bind-libs-9.8.2-0.17.rc1.27.amzn1.i686 \n \n src: \n bind-9.8.2-0.17.rc1.27.amzn1.src \n \n x86_64: \n bind-debuginfo-9.8.2-0.17.rc1.27.amzn1.x86_64 \n bind-chroot-9.8.2-0.17.rc1.27.amzn1.x86_64 \n bind-libs-9.8.2-0.17.rc1.27.amzn1.x86_64 \n bind-9.8.2-0.17.rc1.27.amzn1.x86_64 \n bind-devel-9.8.2-0.17.rc1.27.amzn1.x86_64 \n bind-utils-9.8.2-0.17.rc1.27.amzn1.x86_64 \n bind-sdb-9.8.2-0.17.rc1.27.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-03-02T16:48:00", "published": "2013-03-02T16:48:00", "id": "ALAS-2013-158", "href": "https://alas.aws.amazon.com/ALAS-2013-158.html", "title": "Medium: bind", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T12:35:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "**Issue Overview:**\n\nA flaw was found in the DNS64 implementation in BIND. If a remote attacker sent a specially-crafted query to a named server, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. ([CVE-2012-5688 __](<https://access.redhat.com/security/cve/CVE-2012-5688>))\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-chroot-9.8.2-0.10.rc1.26.amzn1.i686 \n bind-devel-9.8.2-0.10.rc1.26.amzn1.i686 \n bind-sdb-9.8.2-0.10.rc1.26.amzn1.i686 \n bind-utils-9.8.2-0.10.rc1.26.amzn1.i686 \n bind-9.8.2-0.10.rc1.26.amzn1.i686 \n bind-libs-9.8.2-0.10.rc1.26.amzn1.i686 \n bind-debuginfo-9.8.2-0.10.rc1.26.amzn1.i686 \n \n src: \n bind-9.8.2-0.10.rc1.26.amzn1.src \n \n x86_64: \n bind-debuginfo-9.8.2-0.10.rc1.26.amzn1.x86_64 \n bind-sdb-9.8.2-0.10.rc1.26.amzn1.x86_64 \n bind-libs-9.8.2-0.10.rc1.26.amzn1.x86_64 \n bind-chroot-9.8.2-0.10.rc1.26.amzn1.x86_64 \n bind-utils-9.8.2-0.10.rc1.26.amzn1.x86_64 \n bind-devel-9.8.2-0.10.rc1.26.amzn1.x86_64 \n bind-9.8.2-0.10.rc1.26.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-12-07T09:28:00", "published": "2012-12-07T09:28:00", "id": "ALAS-2012-146", "href": "https://alas.aws.amazon.com/ALAS-2012-146.html", "title": "Important: bind", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:25", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\nDNS64 is used to automatically generate DNS records so IPv6 based clients\ncan access IPv4 systems through a NAT64 server.\n\nA flaw was found in the DNS64 implementation in BIND when using Response\nPolicy Zones (RPZ). If a remote attacker sent a specially-crafted query to\na named server that is using RPZ rewrite rules, named could exit\nunexpectedly with an assertion failure. Note that DNS64 support is not\nenabled by default. (CVE-2012-5689)\n\nThis update also adds the following enhancement:\n\n* Previously, it was impossible to configure the the maximum number of\nresponses sent per second to one client. This allowed remote attackers to\nconduct traffic amplification attacks using DNS queries with spoofed source\nIP addresses. With this update, it is possible to use the new \"rate-limit\"\nconfiguration option in named.conf and configure the maximum number of\nqueries which the server responds to. Refer to the BIND documentation for\nmore details about the \"rate-limit\" option. (BZ#906312)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain patches to correct this issue and add this enhancement. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\n", "modified": "2018-06-06T20:24:28", "published": "2013-02-21T05:00:00", "id": "RHSA-2013:0550", "href": "https://access.redhat.com/errata/RHSA-2013:0550", "type": "redhat", "title": "(RHSA-2013:0550) Moderate: bind security and enhancement update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:47:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. DNS64 is\nused to automatically generate DNS records so IPv6 based clients can access\nIPv4 systems through a NAT64 server.\n\nA flaw was found in the DNS64 implementation in BIND. If a remote attacker\nsent a specially-crafted query to a named server, named could exit\nunexpectedly with an assertion failure. Note that DNS64 support is not\nenabled by default. (CVE-2012-5688)\n\nUsers of bind are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2018-06-06T20:24:23", "published": "2012-12-06T05:00:00", "id": "RHSA-2012:1549", "href": "https://access.redhat.com/errata/RHSA-2012:1549", "type": "redhat", "title": "(RHSA-2012:1549) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:45:56", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2017-09-08T12:08:45", "published": "2013-07-30T04:00:00", "id": "RHSA-2013:1115", "href": "https://access.redhat.com/errata/RHSA-2013:1115", "type": "redhat", "title": "(RHSA-2013:1115) Important: bind97 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2018-06-06T20:24:11", "published": "2013-07-30T04:00:00", "id": "RHSA-2013:1114", "href": "https://access.redhat.com/errata/RHSA-2013:1114", "type": "redhat", "title": "(RHSA-2013:1114) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:24", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "It was discovered that Bind incorrectly handled certain crafted queries \nwhen DNS64 was enabled. A remote attacker could use this flaw to cause Bind \nto crash, resulting in a denial of service.", "edition": 5, "modified": "2012-12-06T00:00:00", "published": "2012-12-06T00:00:00", "id": "USN-1657-1", "href": "https://ubuntu.com/security/notices/USN-1657-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-02T11:36:11", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "Maxim Shudrak discovered that Bind incorrectly handled certain malformed \nrdata. A remote attacker could use this flaw with a specially crafted \nquery to cause Bind to stop responding, resulting in a denial of service.", "edition": 5, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "USN-1910-1", "href": "https://ubuntu.com/security/notices/USN-1910-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:40", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "\nProblem description:\n\nDue to a software defect a crafted query can cause named(8) to crash\n\t with an assertion failure.\n\n", "edition": 4, "modified": "2013-02-19T00:00:00", "published": "2013-02-19T00:00:00", "id": "4671CDC9-7C6D-11E2-809B-6C626D99876C", "href": "https://vuxml.freebsd.org/freebsd/4671cdc9-7c6d-11e2-809b-6c626d99876c.html", "title": "FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5688"], "description": "\nISC reports:\n\nBIND 9 nameservers using the DNS64 IPv6 transition mechanism are\n\t vulnerable to a software defect that allows a crafted query to\n\t crash the server with a REQUIRE assertion failure. Remote\n\t exploitation of this defect can be achieved without extensive\n\t effort, resulting in a denial-of-service (DoS) vector against\n\t affected servers.\n\n", "edition": 4, "modified": "2012-11-27T00:00:00", "published": "2012-11-27T00:00:00", "id": "2892A8E2-3D68-11E2-8E01-0800273FE665", "href": "https://vuxml.freebsd.org/freebsd/2892a8e2-3d68-11e2-8e01-0800273fe665.html", "title": "dns/bind9* -- servers using DNS64 can be crashed by a crafted query", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-5688"], "description": "Crash on malcrafted request processing if DNS64 option is enabled.", "edition": 1, "modified": "2012-12-06T00:00:00", "published": "2012-12-06T00:00:00", "id": "SECURITYVULNS:VULN:12742", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12742", "title": "ISC bind DoS", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:52", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "description": "assert() on client request processing.", "edition": 1, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "SECURITYVULNS:VULN:13223", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13223", "title": "ISC bind DoS", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:57:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "The BIND nameserver was updated to 9.9.3P2 to fix a\n security issue where incorrect bounds checking on private\n type 'keydata' could lead to a remotely triggerable REQUIRE\n failure. (CVE-2013-4854, bnc#831899)\n\n", "edition": 1, "modified": "2013-08-19T11:04:11", "published": "2013-08-19T11:04:11", "id": "OPENSUSE-SU-2013:1353-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00017.html", "title": "bind: 9.9.3P2 security and bugfix update (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:28:28", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "A specially crafted query with malicious rdata could have\n caused a crash (DoS) in named.\n", "edition": 1, "modified": "2013-08-07T21:04:12", "published": "2013-08-07T21:04:12", "id": "SUSE-SU-2013:1310-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "zdi": [{"lastseen": "2020-06-22T11:41:07", "bulletinFamily": "info", "cvelist": ["CVE-2013-4854"], "edition": 3, "description": "This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of an rdata section with a length that is less than four. The issue lies in the creation of an error message when an invalid message class is specified. An attacker can leverage this vulnerability to crash a remote instance of ISC BIND.", "modified": "2013-06-22T00:00:00", "published": "2013-08-13T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-13-210/", "id": "ZDI-13-210", "title": "ISC BIND rdata Denial Of Service Vulnerability", "type": "zdi", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}