SuSE 10 Security Update : bind (ZYPP Patch Number 7851)
2011-12-13T00:00:00
ID SUSE_BIND-7851.NASL Type nessus Reporter This script is Copyright (C) 2011-2021 Tenable Network Security, Inc. Modified 2011-12-13T00:00:00
Description
This update fixes an issue where specially crafted DNS queries could
crash the bind name server. (CVE-2011-4313)
Additionally, a syntax check warning complaining about every include
file that only provides a snippet for the overall configuration has
been removed.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Metadata registration. When the scanner evaluates the plugin with
# `description` set, only this block runs: it declares the plugin's identity,
# severity and prerequisites, then exits before the host check further down.
if (description)
{
script_id(57162);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
# The one CVE this patch check is tied to.
script_cve_id("CVE-2011-4313");
script_name(english:"SuSE 10 Security Update : bind (ZYPP Patch Number 7851)");
# The summary names the method: installed package versions are read from rpm
# output. The check logic visible in this file only reads KB items and calls
# rpm_check(); it does not query the name server itself.
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 10 host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"This update fixes the issue that specially crafted DNS queries could
crash the bind name server. (CVE-2011-4313)
Additionally, a syntax check warning complaining about every include
file that only provides a snippet for the overall configuration has
been removed."
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2011-4313.html"
);
script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7851.");
# CVSS v2 base vector: network-reachable (AV:N), low complexity (AC:L), no
# authentication (Au:N), no confidentiality or integrity impact, partial
# availability impact (A:P) -- a remote denial of service, consistent with
# the "crash the bind name server" wording in the description.
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
# NOTE(review): "local" presumably means the result depends on data collected
# from the host over a credentialed session -- confirm the scan policy has
# working credentials, otherwise this plugin cannot report anything.
script_set_attribute(attribute:"plugin_type", value:"local");
# The CPE names the SUSE Linux operating system, not the bind package, so
# CPE-based asset matching alone will not point at bind.
script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2011/11/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
# Declared prerequisites: a dependency on ssh_get_info.nasl and four KB keys.
# NOTE(review): presumably the scanner skips this plugin when any required key
# is missing, so an unauthenticated scan would yield no result rather than a
# "not affected" verdict -- confirm before treating silence as a clean host.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("global_settings.inc");
include("rpm.inc");
# Host check. Everything below works from knowledge-base (KB) entries and the
# rpm helper functions pulled in by the includes above.

# Preconditions. exit(0, ...) is used when the check simply does not apply to
# this host; exit(1, ...) is used when data the check needs could not be
# obtained, so those hosts should be read as "unknown", not "patched".
if (!get_kb_item("Host/local_checks_enabled"))
  exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release"))
  exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list"))
  exit(1, "Could not obtain the list of installed packages.");

# Only x86_64 and i386..i686 hosts are evaluated; any other architecture
# leaves with an error message instead of a verdict.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
  exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$")
  exit(1, "Local checks for SuSE 10 on the '" + cpu + "' architecture have not been implemented.");

# Package comparison. Each call names a product (SLED10 or SLES10), service
# pack 4 and the package build 9.6ESVR5P1-0.9.1; the 32-bit library package is
# only checked on x86_64.
# NOTE(review): rpm_check() is defined in rpm.inc, which is not shown here --
# presumably it returns true when the installed package is older than
# `reference`; confirm. Every call passes sp:4, so hosts on another service
# pack are presumably not evaluated and a clean result there says nothing
# about the installed bind build.
flag = 0;

# SUSE Linux Enterprise Desktop 10 SP4
if (rpm_check(release:"SLED10", sp:4, reference:"bind-libs-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"bind-utils-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"bind-libs-32bit-9.6ESVR5P1-0.9.1"))
  flag++;

# SUSE Linux Enterprise Server 10 SP4
if (rpm_check(release:"SLES10", sp:4, reference:"bind-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"bind-chrootenv-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"bind-devel-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"bind-doc-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"bind-libs-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"bind-utils-9.6ESVR5P1-0.9.1"))
  flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"bind-libs-32bit-9.6ESVR5P1-0.9.1"))
  flag++;

# Nothing matched: leave with the "not affected" message and no finding.
if (!flag)
  exit(0, "The host is not affected.");

# At least one package check matched. Raise a warning-level finding; the
# accumulated rpm report is attached only when report verbosity is above zero.
if (report_verbosity > 0)
  security_warning(port:0, extra:rpm_report_get());
else
  security_warning(0);
exit(0);
{"id": "SUSE_BIND-7851.NASL", "bulletinFamily": "scanner", "title": "SuSE 10 Security Update : bind (ZYPP Patch Number 7851)", "description": "This update fixes the issue that specially crafted DNS queries could\ncrash the bind name server. (CVE-2011-4313)\n\nAdditionally, a syntax check warning complaining about every include\nfile that only provides a snippet for the overall configuration has\nbeen removed.", "published": "2011-12-13T00:00:00", "modified": "2011-12-13T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/57162", "reporter": "This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.", "references": ["http://support.novell.com/security/cve/CVE-2011-4313.html"], "cvelist": ["CVE-2011-4313"], "type": "nessus", "lastseen": "2021-01-20T15:13:52", "edition": 23, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4313"]}, {"type": "f5", "idList": ["SOL14204", "F5:K14204"]}, {"type": "nessus", "idList": ["FEDORA_2011-16036.NASL", "CENTOS_RHSA-2011-1496.NASL", "ORACLELINUX_ELSA-2011-1459.NASL", "SL_20111129_BIND_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2011-1458.NASL", "CENTOS_RHSA-2011-1459.NASL", "CENTOS_RHSA-2011-1458.NASL", "F5_BIGIP_SOL14204.NASL", "SUSE_11_BIND-111121.NASL", "FREEBSD_PKG_90CC149410AC11E1B3EC0024E830109B.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870515", "OPENVAS:1361412562310831495", "OPENVAS:831497", "OPENVAS:840809", "OPENVAS:1361412562310122053", "OPENVAS:70561", "OPENVAS:1361412562310120401", "OPENVAS:881423", "OPENVAS:1361412562310881311", "OPENVAS:1361412562310881048"]}, {"type": "cert", "idList": ["VU:606539"]}, {"type": "suse", "idList": ["SUSE-SU-2011:1270-3", "SUSE-SU-2011:1270-1", "SUSE-SU-2011:1268-1", "OPENSUSE-SU-2011:1272-1", "SUSE-SU-2011:1270-2"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27305", "SECURITYVULNS:VULN:12039"]}, {"type": "centos", "idList": 
["CESA-2011:1458", "CESA-2011:1459", "CESA-2011:1496"]}, {"type": "fedora", "idList": ["FEDORA:E43DD2111A", "FEDORA:2377A21046", "FEDORA:D308720E42"]}, {"type": "threatpost", "idList": ["THREATPOST:AF7AF07452980EF7C523521B0CCAAC68"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1459", "ELSA-2011-1496"]}, {"type": "cisa", "idList": ["CISA:4C6CB52379F26A578A2CE154E10DE8CC"]}, {"type": "redhat", "idList": ["RHSA-2011:1458", "RHSA-2011:1496", "RHSA-2011:1459"]}, {"type": "freebsd", "idList": ["90CC1494-10AC-11E1-B3EC-0024E830109B"]}, {"type": "ubuntu", "idList": ["USN-1264-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2347-1:7C7B0"]}, {"type": "amazon", "idList": ["ALAS-2011-024"]}], "modified": "2021-01-20T15:13:52", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2021-01-20T15:13:52", "rev": 2}, "vulnersScore": 6.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57162);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-4313\");\n\n script_name(english:\"SuSE 10 Security Update : bind (ZYPP Patch Number 7851)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the issue that specially crafted DNS queries could\ncrash the bind name server. 
(CVE-2011-4313)\n\nAdditionally, a syntax check warning complaining about every include\nfile that only provides a snippet for the overall configuration has\nbeen removed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4313.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7851.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"bind-libs-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"bind-utils-9.6ESVR5P1-0.9.1\")) flag++;\nif 
(rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-chrootenv-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-devel-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-doc-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-libs-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-utils-9.6ESVR5P1-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR5P1-0.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "57162", "cpe": ["cpe:/o:suse:suse_linux"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:51:07", "description": "query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.", "edition": 4, "cvss3": {}, "published": "2011-11-29T17:55:00", "title": "CVE-2011-4313", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4313"], "modified": "2018-01-06T02:29:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", 
"cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2011-4313", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4313", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", 
"cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", 
"cpe:2.3:a:isc:bind:9.5.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", 
"cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", 
"cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", 
"cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:38", "bulletinFamily": "software", "cvelist": ["CVE-2011-4313"], "edition": 1, "description": "\nF5 Product Development has assigned ID 372590 to this vulnerability. 
Additionally, [BIG-IP iHealth](<http://www.f5.com/services/customer-support/ihealth/>) may list Heuristic H389449 on the **Diagnostics** > **Identified **> **High **screen.\n\nTo find out whether F5 has determined that your release is vulnerable, and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table: \n\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 9.4.0 - 9.4.8 HF4 \n10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 \n| 9.4.8 HF5 \n10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | None | 11.3.0 - 11.4.0 \n| None \nBIG-IP Analytics | None | 11.0.0 - 1.4.0 \n| None \nBIG-IP APM | 10.1.0 - 10.2.3 \n11.0.0 - 11.1.0 \n| 10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP ASM | 9.4.0 - 9.4.8 HF4 \n10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 \n| 9.4.8 HF5 \n10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP Edge Gateway \n| 10.1.0 - 10.2.3 \n11.0.0 - 11.1.0 | 10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP GTM | 9.4.0 - 9.4.8 HF4 \n10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 \n| 9.4.8 HF5 \n10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP Link Controller | 9.4.0 - 9.4.8 HF4 \n10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 | 9.4.8 HF5 \n10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP PEM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP PSM | 9.4.5 - 9.4.8 HF4 \n10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 | 9.4.8 HF5 \n10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.4.0 \n| BIND \nBIG-IP WebAccelerator | 9.4.0- 9.4.8 HF4 \n10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 | 9.4.8 HF5 \n10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 
11.3.0 \n| BIND \nBIG-IP WOM | 10.0.0 - 10.2.3 \n11.0.0 - 11.1.0 \n| 10.2.1 HF4 \n10.2.2 HF4 \n10.2.3 HF1 \n10.2.4 \n11.1.0 HF1 \n11.2.0 - 11.3.0 \n| BIND \nARX | None | 5.x \n6.x \n| None \nEnterprise Manager | None \n| 1.0.0 - 1.8.0* \n2.0.0 - 2.3.0* \n3.x \n| None \nFirePass | None | 6.x \n7.x \n| None \n \n* F5 Product Development has determined that these Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these Enterprise Manager systems. These products are only vulnerable if BIND was manually configured and enabled.\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\n * [Common Vulnerabilities and Exposures (CVE-2011-4313)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2016-01-09T02:30:00", "published": "2013-02-13T01:34:00", "href": "https://support.f5.com/csp/article/K14204", "id": "F5:K14204", "title": "BIND vulnerability CVE-2011-4313", "type": "f5", 
"cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:26", "bulletinFamily": "software", "cvelist": ["CVE-2011-4313"], "edition": 1, "description": "* F5 Product Development has determined that these Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these Enterprise Manager systems. These products are only vulnerable if BIND was manually configured and enabled.\n\nRecommended action\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\nSupplemental Information\n\n * [Common Vulnerabilities and Exposures (CVE-2011-4313)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313>)\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL6845: Managing BIG-IP product hotfixes (9.x)\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2013-09-10T00:00:00", "published": "2013-02-12T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/200/sol14204.html", "id": "SOL14204", "title": "SOL14204 - BIND vulnerability CVE-2011-4313", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-03-01T01:20:45", "description": "A flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. 
A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.", "edition": 25, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : bind (ALAS-2011-24)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bind", "p-cpe:/a:amazon:linux:bind-utils", "p-cpe:/a:amazon:linux:bind-debuginfo", "p-cpe:/a:amazon:linux:bind-sdb", "p-cpe:/a:amazon:linux:bind-devel", "p-cpe:/a:amazon:linux:bind-libs", "p-cpe:/a:amazon:linux:bind-chroot", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2011-24.NASL", "href": "https://www.tenable.com/plugins/nessus/69583", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2011-24.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69583);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-4313\");\n script_xref(name:\"ALAS\", value:\"2011-24\");\n script_xref(name:\"RHSA\", value:\"2011:1458\");\n\n script_name(english:\"Amazon Linux AMI : bind (ALAS-2011-24)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. 
A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2011-24.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update bind' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = 
get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"bind-9.7.3-2.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-chroot-9.7.3-2.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-debuginfo-9.7.3-2.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-devel-9.7.3-2.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-libs-9.7.3-2.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-sdb-9.7.3-2.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"bind-utils-9.7.3-2.11.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:00:50", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through\n 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through\n 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1\n allows remote attackers to cause a denial of service\n (assertion failure and named exit) via unknown vectors\n related to recursive DNS queries, error logging, and 
the\n caching of an invalid record by the resolver.\n (CVE-2011-4313)", "edition": 24, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : bind (cve_2011_4313_denial_of)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2015-01-19T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:bind"], "id": "SOLARIS11_BIND_20111202.NASL", "href": "https://www.tenable.com/plugins/nessus/80592", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80592);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4313\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : bind (cve_2011_4313_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through\n 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through\n 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1\n allows remote attackers to cause a denial of service\n (assertion failure and named exit) via unknown vectors\n related to recursive DNS queries, error logging, and the\n caching of an invalid record by the resolver.\n (CVE-2011-4313)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2011-4313-denial-of-service-vulnerability-in-bind-domain-name-server\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 02.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:bind\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^bind$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.2.0.3.0\", sru:\"SRU 2\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : bind\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", 
replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"bind\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:27:21", "description": "Updated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind97 are advised to upgrade to these updated packages,\nwhich resolve this issue. 
After installing the update, the BIND daemon\n(named) will be restarted automatically.", "edition": 26, "published": "2011-11-22T00:00:00", "title": "CentOS 5 : bind97 (CESA-2011:1459)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2011-11-22T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind97-libs", "p-cpe:/a:centos:centos:bind97", "p-cpe:/a:centos:centos:bind97-utils", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:bind97-devel", "p-cpe:/a:centos:centos:bind97-chroot"], "id": "CENTOS_RHSA-2011-1459.NASL", "href": "https://www.tenable.com/plugins/nessus/56880", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1459 and \n# CentOS Errata and Security Advisory 2011:1459 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56880);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4313\");\n script_bugtraq_id(50690);\n script_xref(name:\"RHSA\", value:\"2011:1459\");\n\n script_name(english:\"CentOS 5 : bind97 (CESA-2011:1459)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. 
A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind97 are advised to upgrade to these updated packages,\nwhich resolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018209.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a19793f7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018210.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14a961ab\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind97 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-9.7.0-6.P2.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-devel-9.7.0-6.P2.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-libs-9.7.0-6.P2.el5_7.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-utils-9.7.0-6.P2.el5_7.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-devel / bind97-libs / bind97-utils\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:46:11", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. 
After installing the update, the BIND daemon\n(named) will be restarted automatically.", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111117_BIND_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61178", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61178);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4313\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. 
After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1111&L=scientific-linux-errata&T=0&P=2260\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8c9c2d6b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", 
reference:\"bind-chroot-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-debuginfo-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-devel-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libbind-devel-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libs-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-sdb-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-utils-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"caching-nameserver-9.3.6-16.P1.el5_7.1\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"bind-9.7.3-2.el6_1.P3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.7.3-2.el6_1.P3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-debuginfo-9.7.3-2.el6_1.P3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.7.3-2.el6_1.P3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.7.3-2.el6_1.P3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.7.3-2.el6_1.P3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.7.3-2.el6_1.P3.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:07:49", "description": " - Cache lookup could return RRSIG data associated with\n nonexistent records, leading to an assertion failure.\n (bnc#730995) CVE-2011-4313", "edition": 23, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : bind (openSUSE-2011-13)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2014-06-13T00:00:00", "cpe": 
["p-cpe:/a:novell:opensuse:bind-debugsource", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-utils", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:bind-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:bind-lwresd", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-utils-debuginfo", "p-cpe:/a:novell:opensuse:bind"], "id": "OPENSUSE-2011-13.NASL", "href": "https://www.tenable.com/plugins/nessus/74518", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-13.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74518);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4313\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-2011-13)\");\n script_summary(english:\"Check for the openSUSE-2011-13 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Cache lookup could return RRSIG data associated with\n nonexistent records, leading to an assertion failure.\n (bnc#730995) CVE-2011-4313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=730995\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-chrootenv-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-debuginfo-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-debugsource-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-devel-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-libs-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-libs-debuginfo-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-lwresd-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-lwresd-debuginfo-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-utils-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"bind-utils-debuginfo-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.8.1P1-4.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.8.1P1-4.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) 
security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chrootenv / bind-debuginfo / bind-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:09:20", "description": "Update to the 9.7.4-P1 security release which fixes CVE-2011-4313.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-11-28T00:00:00", "title": "Fedora 14 : bind-9.7.4-2.P1.fc14 (2011-16002)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2011-11-28T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-16002.NASL", "href": "https://www.tenable.com/plugins/nessus/56951", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-16002.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56951);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4313\");\n script_bugtraq_id(50690);\n script_xref(name:\"FEDORA\", value:\"2011-16002\");\n\n script_name(english:\"Fedora 14 : bind-9.7.4-2.P1.fc14 (2011-16002)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n 
attribute:\"description\", \n value:\n\"Update to the 9.7.4-P1 security release which fixes CVE-2011-4313.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=754509\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?074ade47\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bind-9.7.4-2.P1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:47:07", "description": "It was discovered that BIND, a DNS server, crashes while processing\ncertain sequences of recursive DNS queries, leading to a denial of\nservice. 
Authoritative-only server configurations are not affected by\nthis issue.", "edition": 16, "published": "2011-11-17T00:00:00", "title": "Debian DSA-2347-1 : bind9 - improper assert", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2011-11-17T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:bind9", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2347.NASL", "href": "https://www.tenable.com/plugins/nessus/56856", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2347. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56856);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4313\");\n script_xref(name:\"DSA\", value:\"2347\");\n\n script_name(english:\"Debian DSA-2347-1 : bind9 - improper assert\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that BIND, a DNS server, crashes while processing\ncertain sequences of recursive DNS queries, leading to a denial of\nservice. 
Authoritative-only server configurations are not affected by\nthis issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/bind9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2347\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bind9 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"bind9\", reference:\"1:9.6.ESV.R4+dfsg-0+lenny4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-doc\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-host\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9utils\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"dnsutils\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"host\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind-dev\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind9-60\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libdns69\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisc62\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccc60\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccfg62\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"liblwres60\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) 
flag++;\nif (deb_check(release:\"6.0\", prefix:\"lwresd\", reference:\"1:9.7.3.dfsg-1~squeeze4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:47:15", "description": "The Internet Systems Consortium reports :\n\nOrganizations across the Internet reported crashes interrupting\nservice on BIND 9 nameservers performing recursive queries. Affected\nservers crashed after logging an error in query.c with the following\nmessage: 'INSIST(! dns_rdataset_isassociated(sigrdataset))' Multiple\nversions were reported being affected, including all currently\nsupported release versions of ISC BIND 9.\n\nBecause it may be possible to trigger this bug even on networks that\ndo not allow untrusted users to access the recursive name servers\n(perhaps via specially crafted e-mail messages, and/or malicious web\nsites) it is recommended that ALL operators of recursive name servers\nupgrade immediately.", "edition": 26, "published": "2011-11-17T00:00:00", "title": "FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2011-11-17T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:bind96", "p-cpe:/a:freebsd:freebsd:bind97", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:bind98"], "id": "FREEBSD_PKG_90CC149410AC11E1B3EC0024E830109B.NASL", "href": "https://www.tenable.com/plugins/nessus/56857", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so 
forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56857);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4313\");\n script_bugtraq_id(50690);\n script_xref(name:\"FreeBSD\", value:\"SA-11:06.bind\");\n\n script_name(english:\"FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n 
value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Internet Systems Consortium reports :\n\nOrganizations across the Internet reported crashes interrupting\nservice on BIND 9 nameservers performing recursive queries. Affected\nservers crashed after logging an error in query.c with the following\nmessage: 'INSIST(! dns_rdataset_isassociated(sigrdataset))' Multiple\nversions were reported being affected, including all currently\nsupported release versions of ISC BIND 9.\n\nBecause it may be possible to trigger this bug even on networks that\ndo not allow untrusted users to access the recursive name servers\n(perhaps via specially crafted e-mail messages, and/or malicious web\nsites) it is recommended that ALL operators of recursive name servers\nupgrade immediately.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.isc.org/software/bind/advisories/cve-2011-4313\"\n );\n # https://vuxml.freebsd.org/freebsd/90cc1494-10ac-11e1-b3ec-0024e830109b.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f283d3ee\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind97\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind98\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind96<9.6.3.1.ESV.R5.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind97<9.7.4.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind98<9.8.1.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:46:11", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. 
BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : bind on SL4.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111129_BIND_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61180", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61180);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4313\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. 
BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1111&L=scientific-linux-errata&T=0&P=3120\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?28d8931b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"bind-9.2.4-38.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-chroot-9.2.4-38.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-debuginfo-9.2.4-38.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-devel-9.2.4-38.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-libs-9.2.4-38.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-utils-9.2.4-38.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:27:21", "description": "Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. 
A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.", "edition": 26, "published": "2011-11-22T00:00:00", "title": "CentOS 5 : bind (CESA-2011:1458)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "modified": "2011-11-22T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-devel", "p-cpe:/a:centos:centos:caching-nameserver", "p-cpe:/a:centos:centos:bind-sdb", "p-cpe:/a:centos:centos:bind-utils", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-chroot", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:bind-libbind-devel"], "id": "CENTOS_RHSA-2011-1458.NASL", "href": "https://www.tenable.com/plugins/nessus/56879", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1458 and \n# CentOS Errata and Security Advisory 2011:1458 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56879);\n script_version(\"1.12\");\n 
script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4313\");\n script_bugtraq_id(50690);\n script_xref(name:\"RHSA\", value:\"2011:1458\");\n\n script_name(english:\"CentOS 5 : bind (CESA-2011:1458)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries,\nwhich caused it to cache an invalid record. A remote attacker could\nuse this flaw to send repeated queries for this invalid record,\ncausing the resolvers to exit unexpectedly due to a failed assertion.\n(CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. 
After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018207.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85ffa19f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018208.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dad5582c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/22\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-chroot-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-devel-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libbind-devel-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libs-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-sdb-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", 
reference:\"bind-utils-9.3.6-16.P1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"caching-nameserver-9.3.6-16.P1.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-02T21:10:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-17T00:00:00", "published": "2012-02-13T00:00:00", "id": "OPENVAS:70599", "href": "http://plugins.openvas.org/nasl.php?oid=70599", "type": "openvas", "title": "FreeBSD Ports: bind96", "sourceData": "#\n#VID 90cc1494-10ac-11e1-b3ec-0024e830109b\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 90cc1494-10ac-11e1-b3ec-0024e830109b\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n bind96\n bind97\n bind98\n\nCVE-2011-4313\nquery.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5,\n9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1,\nand 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial\nof service (assertion failure and named exit) via unknown vectors\nrelated to recursive DNS queries, error logging, and the caching of an\ninvalid record by the resolver.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70599);\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_cve_id(\"CVE-2011-4313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 5958 $\");\n script_name(\"FreeBSD Ports: bind96\");\n\n script_xref(name:\"URL\" , value:\"https://www.isc.org/software/bind/advisories/cve-2011-4313\");\n script_xref(name:\"URL\" , value:\"http://www.vuxml.org/freebsd/90cc1494-10ac-11e1-b3ec-0024e830109b.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R5.1\")<0) {\n txt += 'Package bind96 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.4.1\")<0) {\n txt += 'Package bind97 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.1.1\")<0) {\n txt += 'Package bind98 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:07:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "Check for the Version of bind", "modified": "2018-01-09T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:864090", "href": "http://plugins.openvas.org/nasl.php?oid=864090", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-16057", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-16057\n#\n# Authors:\n# System Generated 
Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 16\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. 
BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html\");\n script_id(864090);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:13:37 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-16057\");\n script_name(\"Fedora Update for bind FEDORA-2011-16057\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.1~4.P1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not 
vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "Oracle Linux Local Security Checks ELSA-2011-1459", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122054", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122054", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1459", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1459.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122054\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:19 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1459\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1459 - bind97 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1459\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1459.html\");\n script_cve_id(\"CVE-2011-4313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_7.4\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory.", "modified": "2018-11-16T00:00:00", "published": "2011-11-18T00:00:00", "id": "OPENVAS:1361412562310831495", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831495", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:176 (bind)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:176 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-11/msg00030.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831495\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:48:13 +0530 (Fri, 18 Nov 2011)\");\n script_xref(name:\"MDVSA\", value:\"2011:176\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4313\");\n script_name(\"Mandriva Update for bind MDVSA-2011:176 (bind)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1)\");\n script_tag(name:\"affected\", value:\"bind on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability was discovered and corrected in bind:\n Cache lookup could return RRSIG data associated with nonexistent\n records, leading to an assertion failure. 
[ISC RT #26590]\n (CVE-2011-4313).\n\n The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1\n which is not vulnerable to this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.4~0.0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.4~0.0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.4~0.0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.4~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.4~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.4~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", 
"cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2011-11-18T00:00:00", "id": "OPENVAS:1361412562310831496", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831496", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:176-1 (bind)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:176-1 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-11/msg00031.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831496\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:48:14 +0530 (Fri, 18 Nov 2011)\");\n script_xref(name:\"MDVSA\", value:\"2011:176-1\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4313\");\n script_name(\"Mandriva Update for bind MDVSA-2011:176-1 (bind)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1)\");\n script_tag(name:\"affected\", value:\"bind on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability was discovered and corrected in bind:\n Cache lookup could return RRSIG data associated with nonexistent\n records, leading to an assertion failure. 
[ISC RT #26590]\n (CVE-2011-4313).\n\n The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1\n which is not vulnerable to this issue.\n\n Update:\n Packages provided for Mandriva Enterprise Server 5.2 and Mandriva\n Linux 2010.2 with the MDVSA-2011:176 advisory had a faulty release\n number effectively preventing installation without excessive force\n due to a previous packaging mistake. This advisory provides corrected\n packages to address the problem.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.4~0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.4~0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.4~0.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.4~0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", 
rpm:\"bind-doc~9.7.4~0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.4~0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:40:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory.", "modified": "2019-03-12T00:00:00", "published": "2011-11-18T00:00:00", "id": "OPENVAS:1361412562310870515", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870515", "type": "openvas", "title": "RedHat Update for bind RHSA-2011:1458-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2011:1458-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-November/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870515\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:45:23 +0530 (Fri, 18 Nov 2011)\");\n script_xref(name:\"RHSA\", value:\"2011:1458-01\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4313\");\n script_name(\"RedHat Update for bind RHSA-2011:1458-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. 
BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS queries, which\n caused it to cache an invalid record. A remote attacker could use this\n flaw to send repeated queries for this invalid record, causing the\n resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\n Users of bind are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", 
rpm:\"bind-sdb~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~16.P1.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory.", "modified": "2019-03-12T00:00:00", "published": "2011-12-02T00:00:00", "id": "OPENVAS:1361412562310870518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870518", "type": "openvas", "title": "RedHat Update for bind RHSA-2011:1496-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2011:1496-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-November/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870518\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-02 13:28:41 +0530 (Fri, 02 Dec 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:1496-01\");\n script_cve_id(\"CVE-2011-4313\");\n script_name(\"RedHat Update for bind RHSA-2011:1496-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_4\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. 
BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS queries, which\n caused it to cache an invalid record. A remote attacker could use this\n flaw to send repeated queries for this invalid record, causing the\n resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\n Users of bind are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~38.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~38.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.2.4~38.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~38.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~38.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~38.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": 
"AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "Check for the Version of bind", "modified": "2017-07-06T00:00:00", "published": "2011-11-21T00:00:00", "id": "OPENVAS:831497", "href": "http://plugins.openvas.org/nasl.php?oid=831497", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:176-2 (bind)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:176-2 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered and corrected in bind Cache lookup could\n return RRSIG data associated with nonexistent records, leading to an\n assertion failure. 
[ISC RT #26590] (CVE-2011-4313).\n\n The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1\n which is not vulnerable to this issue.\n\n Update:\n Packages provided for Mandriva Enterprise Server 5.2 and Mandriva\n Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory\n had wrong release numbers effectively preventing installation without\n excessive force due previous packaging mistakes. This advisory provides\n corrected packages to address the problem.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-11/msg00032.php\");\n script_id(831497);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-21 09:36:35 +0530 (Mon, 21 Nov 2011)\");\n script_xref(name: \"MDVSA\", value: \"2011:176-2\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4313\");\n script_name(\"Mandriva Update for bind MDVSA-2011:176-2 (bind)\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n 
script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.1.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.4~0.1.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.4~0.1.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.4~0.1.P1.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.1.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.4~0.1.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.4~0.1.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.4~0.1.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update for the ", "modified": 
"2019-03-15T00:00:00", "published": "2011-12-02T00:00:00", "id": "OPENVAS:1361412562310881048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881048", "type": "openvas", "title": "CentOS Update for bind CESA-2011:1496 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2011:1496 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-November/018259.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881048\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-02 13:29:44 +0530 (Fri, 02 Dec 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:1496\");\n script_cve_id(\"CVE-2011-4313\");\n script_name(\"CentOS Update for bind 
CESA-2011:1496 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"bind on CentOS 4\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS queries, which\n caused it to cache an invalid record. A remote attacker could use this\n flaw to send repeated queries for this invalid record, causing the\n resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\n Users of bind are advised to upgrade to these updated packages, which\n resolve this issue. 
After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~38.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~38.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~38.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~38.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~38.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4313"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2347-1.", "modified": "2019-03-18T00:00:00", "published": "2012-02-11T00:00:00", "id": "OPENVAS:136141256231070561", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070561", "type": "openvas", "title": "Debian Security Advisory DSA 2347-1 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2347_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2347-1 (bind9)\n#\n# Authors:\n# Thomas Reinke 
<reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70561\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4313\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 02:30:55 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2347-1 (bind9)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202347-1\");\n script_tag(name:\"insight\", value:\"It was discovered that BIND, a DNS server, crashes while processing\ncertain sequences of recursive DNS queries, leading to a denial of\nservice. Authoritative-only server configurations are not affected by\nthis issue.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze4.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your bind9 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to bind9\nannounced via advisory DSA 2347-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != 
NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns58\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny4\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = 
isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:31", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "[20:9.2.4-38]\n- fix CVE-2011-4313", "edition": 4, "modified": "2011-11-29T00:00:00", "published": "2011-11-29T00:00:00", "id": "ELSA-2011-1496", "href": "http://linux.oracle.com/errata/ELSA-2011-1496.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:54", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "[32:9.7.0-6.P2.4]\n- fix DOS against recursive servers (#754398)", "edition": 4, "modified": "2011-11-17T00:00:00", "published": "2011-11-17T00:00:00", "id": "ELSA-2011-1459", "href": "http://linux.oracle.com/errata/ELSA-2011-1459.html", "title": "bind97 security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. 
BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries, which\ncaused it to cache an invalid record. A remote attacker could use this\nflaw to send repeated queries for this invalid record, causing the\nresolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2018-06-06T20:24:12", "published": "2011-11-17T05:00:00", "id": "RHSA-2011:1458", "href": "https://access.redhat.com/errata/RHSA-2011:1458", "type": "redhat", "title": "(RHSA-2011:1458) Important: bind security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:47:03", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries, which\ncaused it to cache an invalid record. A remote attacker could use this\nflaw to send repeated queries for this invalid record, causing the\nresolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. 
After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2017-09-08T12:13:05", "published": "2011-11-29T05:00:00", "id": "RHSA-2011:1496", "href": "https://access.redhat.com/errata/RHSA-2011:1496", "type": "redhat", "title": "(RHSA-2011:1496) Important: bind security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:47:15", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries, which\ncaused it to cache an invalid record. A remote attacker could use this\nflaw to send repeated queries for this invalid record, causing the\nresolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\nUsers of bind97 are advised to upgrade to these updated packages, which\nresolve this issue. 
After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2017-09-08T12:18:54", "published": "2011-11-17T05:00:00", "id": "RHSA-2011:1459", "href": "https://access.redhat.com/errata/RHSA-2011:1459", "type": "redhat", "title": "(RHSA-2011:1459) Important: bind97 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:42", "bulletinFamily": "software", "cvelist": ["CVE-2011-4313"], "description": "==========================================================================\r\nUbuntu Security Notice USN-1264-1\r\nNovember 16, 2011\r\n\r\nbind9 vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 11.10\r\n- Ubuntu 11.04\r\n- Ubuntu 10.10\r\n- Ubuntu 10.04 LTS\r\n- Ubuntu 8.04 LTS\r\n\r\nSummary:\r\n\r\nBind could be made to crash if it received specially crafted network\r\ntraffic.\r\n\r\nSoftware Description:\r\n- bind9: Internet Domain Name Server\r\n\r\nDetails:\r\n\r\nIt was discovered that Bind incorrectly handled certain specially crafted\r\npackets. 
A remote attacker could use this flaw to cause Bind to crash,\r\nresulting in a denial of service.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.10:\r\n libdns69 1:9.7.3.dfsg-1ubuntu4.1\r\n\r\nUbuntu 11.04:\r\n libdns69 1:9.7.3.dfsg-1ubuntu2.3\r\n\r\nUbuntu 10.10:\r\n libdns66 1:9.7.1.dfsg.P2-2ubuntu0.5\r\n\r\nUbuntu 10.04 LTS:\r\n libdns64 1:9.7.0.dfsg.P1-1ubuntu0.4\r\n\r\nUbuntu 8.04 LTS:\r\n libdns36 1:9.4.2.dfsg.P2-2ubuntu0.9\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1264-1\r\n CVE-2011-4313\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.1\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu2.3\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.7.1.dfsg.P2-2ubuntu0.5\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.4\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.4.2.dfsg.P2-2ubuntu0.9\r\n", "edition": 1, "modified": "2011-11-20T00:00:00", "published": "2011-11-20T00:00:00", "id": "SECURITYVULNS:DOC:27305", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27305", "title": "[USN-1264-1] Bind vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:44", "bulletinFamily": "software", "cvelist": ["CVE-2011-4313"], "description": "Crash on packet parsing.", "edition": 1, "modified": "2011-11-20T00:00:00", "published": "2011-11-20T00:00:00", "id": "SECURITYVULNS:VULN:12039", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12039", "title": "bind DNS server DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:24:34", "bulletinFamily": "unix", "cvelist": 
["CVE-2011-4313"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1458\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries, which\ncaused it to cache an invalid record. A remote attacker could use this\nflaw to send repeated queries for this invalid record, causing the\nresolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-November/030245.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-November/030246.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1458.html", "edition": 3, "modified": "2011-11-18T13:24:22", "published": "2011-11-18T13:24:22", "href": "http://lists.centos.org/pipermail/centos-announce/2011-November/030245.html", "id": "CESA-2011:1458", "title": "bind, caching security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:24:41", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1496\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. 
BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries, which\ncaused it to cache an invalid record. A remote attacker could use this\nflaw to send repeated queries for this invalid record, causing the\nresolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\nUsers of bind are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-November/030297.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-November/030298.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1496.html", "edition": 3, "modified": "2011-11-29T18:31:45", "published": "2011-11-29T18:31:45", "href": "http://lists.centos.org/pipermail/centos-announce/2011-November/030297.html", "id": "CESA-2011:1496", "title": "bind security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:25:04", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1459\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS queries, which\ncaused it to cache an invalid record. 
A remote attacker could use this\nflaw to send repeated queries for this invalid record, causing the\nresolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)\n\nUsers of bind97 are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-November/030247.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-November/030248.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1459.html", "edition": 3, "modified": "2011-11-18T13:25:41", "published": "2011-11-18T13:25:41", "href": "http://lists.centos.org/pipermail/centos-announce/2011-November/030247.html", "id": "CESA-2011:1459", "title": "bind97 security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:43:04", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "specially crafted DNS queries could crash the bind name\n server (CVE-2011-4313).\n\n", "edition": 1, "modified": "2011-11-22T13:08:45", "published": "2011-11-22T13:08:45", "id": "OPENSUSE-SU-2011:1272-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html", "type": "suse", "title": "bind (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:14:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "This update fixes the issue that specially crafted DNS\n queries could crash the bind name server. 
(CVE-2011-4313\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313</a>\n > )\n", "edition": 1, "modified": "2011-11-23T05:08:36", "published": "2011-11-23T05:08:36", "id": "SUSE-SU-2011:1270-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00031.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:49:45", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "The following bug has been fixed:\n\n * specially crafted DNS queries could crash the bind\n name server (CVE-2011-4313).\n", "edition": 1, "modified": "2011-11-30T18:08:19", "published": "2011-11-30T18:08:19", "id": "SUSE-SU-2011:1270-3", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00033.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:43:03", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "This update for bind fixes the issue that specially crafted\n DNS queries could crash the bind name server\n (CVE-2011-4313\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313</a>\n > ) .\n\n Additionally, a syntax check warning for include files as\n that one is failing on every include file that only\n provides a snippet for the overall configuration has been\n removed.\n", "edition": 1, "modified": "2011-11-22T01:08:39", "published": "2011-11-22T01:08:39", "id": "SUSE-SU-2011:1268-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 5.0, 
"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:43:04", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "This update fixes the issue that specially crafted DNS\n queries could crash the bind name server. (CVE-2011-4313\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313</a>\n > )\n", "edition": 1, "modified": "2011-11-22T02:08:16", "published": "2011-11-22T02:08:16", "id": "SUSE-SU-2011:1270-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00028.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:55", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "\nThe Internet Systems Consortium reports:\n\nOrganizations across the Internet reported crashes interrupting\n\t service on BIND 9 nameservers performing recursive queries.\n\t Affected servers crashed after logging an error in query.c with\n\t the following message: \"INSIST(! 
dns_rdataset_isassociated(sigrdataset))\"\n\t Multiple versions were reported being affected, including all\n\t currently supported release versions of ISC BIND 9.\nBecause it may be possible to trigger this bug even on networks\n\t that do not allow untrusted users to access the recursive name\n\t servers (perhaps via specially crafted e-mail messages, and/or\n\t malicious web sites) it is recommended that ALL operators of\n\t recursive name servers upgrade immediately.\n\n", "edition": 4, "modified": "2012-01-29T00:00:00", "published": "2011-11-16T00:00:00", "id": "90CC1494-10AC-11E1-B3EC-0024E830109B", "href": "https://vuxml.freebsd.org/freebsd/90cc1494-10ac-11e1-b3ec-0024e830109b.html", "title": "BIND -- Remote DOS", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:28", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "It was discovered that Bind incorrectly handled certain specially crafted \npackets. 
A remote attacker could use this flaw to cause Bind to crash, \nresulting in a denial of service.", "edition": 5, "modified": "2011-11-16T00:00:00", "published": "2011-11-16T00:00:00", "id": "USN-1264-1", "href": "https://ubuntu.com/security/notices/USN-1264-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:21:30", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2347-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nNovember 16, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : improper assert\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-4313\n\nIt was discovered that BIND, a DNS server, crashes while processing\ncertain sequences of recursive DNS queries, leading to a denial of\nservice. 
Authoritative-only server configurations are not affected by\nthis issue.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny4.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze4.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-11-16T20:44:53", "published": "2011-11-16T20:44:53", "id": "DEBIAN:DSA-2347-1:7C7B0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00225.html", "title": "[SECURITY] [DSA 2347-1] bind9 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "**Issue Overview:**\n\nA flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. 
A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion.\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-9.7.3-2.11.amzn1.i686 \n bind-debuginfo-9.7.3-2.11.amzn1.i686 \n bind-utils-9.7.3-2.11.amzn1.i686 \n bind-sdb-9.7.3-2.11.amzn1.i686 \n bind-chroot-9.7.3-2.11.amzn1.i686 \n bind-libs-9.7.3-2.11.amzn1.i686 \n bind-devel-9.7.3-2.11.amzn1.i686 \n \n src: \n bind-9.7.3-2.11.amzn1.src \n \n x86_64: \n bind-libs-9.7.3-2.11.amzn1.x86_64 \n bind-devel-9.7.3-2.11.amzn1.x86_64 \n bind-9.7.3-2.11.amzn1.x86_64 \n bind-debuginfo-9.7.3-2.11.amzn1.x86_64 \n bind-chroot-9.7.3-2.11.amzn1.x86_64 \n bind-sdb-9.7.3-2.11.amzn1.x86_64 \n bind-utils-9.7.3-2.11.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2011-11-30T21:59:00", "published": "2011-11-30T21:59:00", "id": "ALAS-2011-024", "href": "https://alas.aws.amazon.com/ALAS-2011-24.html", "title": "Important: bind", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T23:04:22", "bulletinFamily": "info", "cvelist": ["CVE-2011-4313"], "description": "[](<https://www.isc.org/software/bind/advisories/cve-2011-4313>)There\u2019s a new vulnerability in the popular BIND name server software that is causing various versions of the application to crash unexpectedly after logging a certain kind of error. The Internet Software Consortium, which maintains BIND, is investigating the issue and trying to determine the severity of the problem.\n\nThe problem reportedly affects all of the currently supported versions of BIND, including BIND 9.7x and 9.8x.It\u2019s unknown right now whether the flaw can be used to run remote code.\n\n\u201cOrganizations across the Internet reported crashes interrupting service on BIND 9 nameservers performing recursive queries. 
Affected servers crashed after logging an error in query.c with the following message: \u201cINSIST(! dns_rdataset_isassociated(sigrdataset))\u201d Multiple versions were reported being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and has produced patches which prevent the crash,\u201d the ISC said in an [advisory on the BIND flaw](<https://www.isc.org/software/bind/advisories/cve-2011-4313>).\n\n\u201cAn as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC is working on determining the ultimate cause by which a record with this particular inconsistency is cached. At this time we are making available a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.\u201d\n\nISC has produced patches for each of the vulnerable versions, and is still looking into whether there are any active exploits being used against the vulnerability right now. The patches are available on the [ISC BIND](<https://www.isc.org/software/bind/advisories/cve-2011-4313>) site.\n\n\u201cThe patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. 
The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature,\u201d the ISC advisory says.\n", "modified": "2013-04-17T16:33:19", "published": "2011-11-16T19:29:10", "id": "THREATPOST:AF7AF07452980EF7C523521B0CCAAC68", "href": "https://threatpost.com/new-flaw-bind-causing-server-crashes-111611/75904/", "type": "threatpost", "title": "New Flaw in BIND Causing Server Crashes", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2011-11-19T06:03:27", "published": "2011-11-19T06:03:27", "id": "FEDORA:E43DD2111A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: bind-9.8.1-4.P1.fc16", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1910", "CVE-2011-4313"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. 
", "modified": "2011-11-25T23:25:02", "published": "2011-11-25T23:25:02", "id": "FEDORA:2377A21046", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: bind-9.8.1-3.P1.fc15", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4313", "CVE-2012-1667"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2012-06-15T12:24:27", "published": "2012-06-15T12:24:27", "id": "FEDORA:D308720E42", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: bind-9.8.3-2.P1.fc16", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "cisa": [{"lastseen": "2021-02-24T18:08:43", "bulletinFamily": "info", "cvelist": ["CVE-2011-4313"], "description": "The Internet Systems Consortium has released updates for BIND to address a vulnerability. This vulnerability may allow an attacker to cause a denial-of-service condition. Please refer to the Internet Systems Consortium [advisory](<http://www.isc.org/software/bind/advisories/cve-2011-4313>) for additional information. \n \nUS-CERT recommends that administrators of this product apply the respective patches for BIND [9.8.1-P1](<https://www.isc.org/software/bind/981-p1>), [9.7.4-P1](<https://www.isc.org/software/bind/974-p1>), [9.6-ESV-R5-P1](<https://www.isc.org/software/bind/96-esv-r5-p1>), and [9.4-ESV-R5-P1](<https://www.isc.org/software/bind/94-esv-r5-p1>) or check with their software vendors for updated versions. 
\n", "modified": "2012-10-23T00:00:00", "published": "2011-11-17T00:00:00", "id": "CISA:4C6CB52379F26A578A2CE154E10DE8CC", "href": "https://us-cert.cisa.gov/ncas/current-activity/2011/11/17/Internet-Systems-Consortium-Releases-BIND-P1-Patches", "type": "cisa", "title": "Internet Systems Consortium Releases BIND-P1 Patches", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2020-09-18T20:42:02", "bulletinFamily": "info", "cvelist": ["CVE-2011-4313"], "description": "### Overview \n\nISC BIND 9 resolver contains a remote packet denial of service vulnerability after logging an error in query.c.\n\n### Description \n\nAccording to [ISC](<http://www.isc.org/software/bind/advisories/cve-2011-4313>):\n\n_An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC is working on determining the ultimate cause by which a record with this particular inconsistency is cached.At this time we are making available a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit. \n \nThe patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. 
The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature._ \n \n--- \n \n### Impact \n\nA remote, unauthenticated attacker can cause the BIND 9 resolver to crash creating a denial of service condition. \n \n--- \n \n### Solution \n\n \n**Apply an update** \n \nUsers who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors. \n \nThis vulnerability is addressed in ISC BIND versions 9.4-ESV-R5-P1, 9.6-ESV-R5-P1, 9.7.4-P1 and 9.8.1-P1. Users of BIND from the original source distribution should upgrade to this version. \n \nSee also <http://www.isc.org/software/bind/advisories/cve-2011-4313> \n \n--- \n \n### Vendor Information\n\n606539\n\n
### Debian GNU/Linux Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.debian.org/security/2011/dsa-2347>\n\n### Fedora Project Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html>\n * <http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html>\n * <http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html>\n\n### Hewlett-Packard Company Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [http://marc.info/?l=bugtraq&m=132310123002302&w=2 ](<http://marc.info/?l=bugtraq&m=132310123002302&w=2\n>)\n * [http://marc.info/?l=bugtraq&m=132310123002302&w=2](<http://marc.info/?l=bugtraq&m=132310123002302&w=2>)\n\n### Internet Systems Consortium Affected\n\nUpdated: November 16, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.isc.org/software/bind/981-p1>\n * <https://www.isc.org/software/bind/974-p1>\n * <https://www.isc.org/software/bind/96-esv-r5-p1>\n * <https://www.isc.org/software/bind/94-esv-r5-p1>\n\n### 
Mandriva S. A. Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.mandriva.com/security/advisories?name=MDVSA-2011:176>\n\n### Oracle Corporation Affected\n\nUpdated: November 28, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of>\n\n### Red Hat, Inc. Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.redhat.com/support/errata/RHSA-2011-1458.html>\n * <http://www.redhat.com/support/errata/RHSA-2011-1459.html>\n * <http://www.redhat.com/support/errata/RHSA-2011-1496.html>\n\n### SUSE Linux Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html>\n * <http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00028.html>\n * <http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html>\n\n### Ubuntu Affected\n\nUpdated: January 06, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information 
regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.ubuntu.com/usn/USN-1264-1>\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.isc.org/software/bind/advisories/cve-2011-4313>\n * <https://www.isc.org/software/bind/981-p1>\n * <https://www.isc.org/software/bind/974-p1>\n * <https://www.isc.org/software/bind/96-esv-r5-p1>\n * <https://www.isc.org/software/bind/94-esv-r5-p1>\n\n### Acknowledgements\n\nThanks to Internet Systems Consortium for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2011-4313](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-4313>) \n---|--- \n**Severity Metric:** | 21.92 \n**Date Public:** | 2011-11-16 \n**Date First Published:** | 2011-11-22 \n**Date Last Updated:** | 2012-01-06 15:40 UTC \n**Document Revision:** | 12 \n", "modified": "2012-01-06T15:40:00", "published": "2011-11-22T00:00:00", "id": "VU:606539", "href": "https://www.kb.cert.org/vuls/id/606539", "type": "cert", "title": "ISC BIND 9 resolver denial of service vulnerability", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}