MiracleLinux 4 : bind-9.7.3-2.2.0.1.AXS4.P3 (AXSA:2011-406:01)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2011-406:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(284320);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/14");

  script_cve_id("CVE-2011-1910", "CVE-2011-2464");

  script_name(english:"MiracleLinux 4 : bind-9.7.3-2.2.0.1.AXS4.P3 (AXSA:2011-406:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2011-406:01 advisory.

    BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND
    includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for
    applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating
    properly.
    Security issues fixed with this release:
    CVE-2011-1910
    Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before
    9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service
    (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
    CVE-2011-2464
    Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x
    before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted
    UPDATE request.
    Fixed bugs:
     - bind on 64-bit PowerPC architecture now uses the same native atomic operations as the PowerPC
    architecture instead of emulated ones.
     - the bind package used to generate the /etc/rndc.key file, by using entropy from /dev/random; this could
    lead to the bind package installation to hang. Since the rndc.key is used by rndc for advanced
    administration commands, it is no longer generated automatically during the bind package installation. If
    needed, users can generate the key file with the rndc-confgen -a command.
     - named could sometimes enter a deadlock. This has been fixed.
     - If the connection failed during named_sdb startup, the named_sdb PostgreSQL database backend failed to
    reconnect to the database. It now writes error message the systemlog and retries to connect at every
    lookup.
     - removed conflicts between i686 and x86_64 versions of bind-devel, they can now both be installed on the
    same machine.
     - initscripts does not kill all processes with the name 'named' when stopping the named daemon anymore,
    only the selected ones.
     - added the return codes of the dig utility to the dig man page.
     - updated the named.8 manpage to reflect that the system-config-bind utility is not provided anymore.
     - the status action of the named initscript would not complete when bind-sdb package was installed. This
    has been fixed.
     - if the resolv.conf contained search keyword with no arguments, the host/nslookup/dig utilities failed
    to parse correctly. They now ignore those lines.
     - Removed the incomplete list of TSIG algorithms from the nsupdate man page. It can be found in the
    dnssec-keygen man page.
    Enhancements:
     - re-based to version 9.7.3.
     - the host utility now honors debug, attempts and timeout options in resolv.conf.
     - added the new option DISABLE_ZONE_CHECKING to /etc/sysconfig/named. This is to bypass zone validation
    via the named-checkzone utility in initscript and allows to start named with misconfigured zones.
     - with this update, size, MD5 and the modification time of /etc/sysconfig/named configuration file is no
    longer checked via the rpm -V bind command.
     - Root zone DNSKEY is now included in the bind package, in the /etc/named.root.key file.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/2119");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2011-2464");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/05/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/12/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:bind-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'bind-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-chroot-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-chroot-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-libs-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-libs-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-utils-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'bind-utils-9.7.3-2.2.0.1.AXS4.P3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-libs / bind-utils');
}