Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2016-0227-1.NASL
HistoryJan 26, 2016 - 12:00 a.m.

SUSE SLES10 Security Update : bind (SUSE-SU-2016:0227-1)

2016-01-2600:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
JSON

This update for bind fixes the following issues :

CVE-2015-8000: Remote denial of service by mis-parsing incoming responses. (bsc#958861)

CVE-2015-5722: DoS against servers performing validation on DNSSEC-signed records. (bsc#944066)

CVE-2015-5477: DoS against authoritative and recursive servers.

CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2016:0227-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(88178);
  script_version("2.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2015-5477", "CVE-2015-5722", "CVE-2015-8000", "CVE-2015-8704");

  script_name(english:"SUSE SLES10 Security Update : bind (SUSE-SU-2016:0227-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for bind fixes the following issues :

CVE-2015-8000: Remote denial of service by mis-parsing incoming
responses. (bsc#958861)

CVE-2015-5722: DoS against servers performing validation on
DNSSEC-signed records. (bsc#944066)

CVE-2015-5477: DoS against authoritative and recursive servers.

CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=939567"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=944066"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=958861"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=962189"
  );
  # https://download.suse.com/patch/finder/?keywords=6c9cd85bd7aa9140126fe2cf192d0ac0
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9fb3daf0"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2015-5477/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2015-5722/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2015-8000/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2015-8704/"
  );
  # https://www.suse.com/support/update/announcement/2016/suse-su-20160227-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?0c36687c"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bind packages");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-chrootenv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/07/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/01/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/26");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES10)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES10", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES10" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES10 SP4", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"bind-libs-32bit-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"s390x", reference:"bind-libs-32bit-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"bind-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"bind-chrootenv-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"bind-devel-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"bind-doc-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"bind-libs-9.6ESVR11P1-0.18.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"bind-utils-9.6ESVR11P1-0.18.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind");
}
VendorProductVersionCPE
novellsuse_linuxbindp-cpe:/a:novell:suse_linux:bind
novellsuse_linuxbind-chrootenvp-cpe:/a:novell:suse_linux:bind-chrootenv
novellsuse_linuxbind-develp-cpe:/a:novell:suse_linux:bind-devel
novellsuse_linuxbind-docp-cpe:/a:novell:suse_linux:bind-doc
novellsuse_linuxbind-libsp-cpe:/a:novell:suse_linux:bind-libs
novellsuse_linuxbind-utilsp-cpe:/a:novell:suse_linux:bind-utils
novellsuse_linux10cpe:/o:novell:suse_linux:10

Related

openvas 47
suse 13
redhat 8
nessus 69
oraclelinux 12
openwrt 1
debiancve 3
ubuntucve 2
fedora 8
f5 4
prion 2
debian 6
ibm 2
ubuntu 2
centos 5
checkpoint_advisories 1
cve 3
freebsd 2
freebsd_advisory 1
osv 3
veracode 2
aix 2
mageia 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0227-1)
2021-06-09 00:00:00
Oracle: Security Advisory (ELSA-2015-2658)
2015-12-18 00:00:00
Oracle: Security Advisory (ELSA-2015-2656)
2015-12-18 00:00:00
suse
suse
Security update for bind (important)
2016-01-25 15:11:48
Security update for bind (important)
2015-12-29 17:11:00
Security update for bind (important)
2015-12-25 19:10:40
redhat
redhat
(RHSA-2016:0079) Important: bind security update
2016-01-28 00:00:00
(RHSA-2016:0078) Important: bind security update
2016-01-28 00:00:00
(RHSA-2015:2658) Important: bind97 security update
2015-12-16 00:00:00
nessus
nessus
RHEL 6 : bind (RHSA-2016:0079)
2016-01-29 00:00:00
RHEL 6 : bind (RHSA-2016:0078)
2016-01-29 00:00:00
OracleVM 3.2 : bind (OVMSA-2016-0055)
2016-06-22 00:00:00
oraclelinux
oraclelinux
bind security update
2015-12-16 00:00:00
bind97 security update
2015-12-16 00:00:00
bind97 security update
2016-09-28 00:00:00
openwrt
openwrt
bind: Security update (4 CVEs)
2016-01-24 13:33:41
debiancve
debiancve
CVE-2015-8000
2015-12-16 15:59:00
CVE-2015-8704
2016-01-20 15:59:00
CVE-2015-5722
2015-09-05 02:59:00
ubuntucve
ubuntucve
CVE-2015-8000
2015-12-15 00:00:00
CVE-2015-8704
2016-01-19 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: dhcp-4.3.3-7.fc23
2015-12-19 18:28:55
[SECURITY] Fedora 22 Update: bind99-9.9.8-2.P3.fc22
2016-02-28 08:31:23
[SECURITY] Fedora 23 Update: bind99-9.9.8-1.P2.fc23
2015-12-19 18:28:55
f5
f5
K53445000 : BIND vulnerability CVE-2015-8704
2016-01-25 00:00:00
K34250741 : BIND vulnerability CVE-2015-8000
2015-12-16 00:00:00
SOL53445000 - BIND vulnerability CVE-2015-8704
2016-01-19 00:00:00
prion
prion
Authentication flaw
2016-01-20 15:59:00
Authentication flaw
2015-12-16 15:59:00
debian
debian
[SECURITY] [DLA 370-1] bind9 security update
2015-12-16 23:02:22
[SECURITY] [DSA 3420-1] bind9 security update
2015-12-15 21:03:48
[SECURITY] [DSA 3449-1] bind9 security update
2016-01-19 20:45:23
ibm
ibm
Security Bulletin: Vulnerability in bind affects PowerKVM (CVE-2015-8704)
2018-06-18 01:30:37
Security Bulletin: IBM Netezza Host Management is vulnerable to a BIND 9 utility issue (CVE-2015-5722)
2019-10-18 03:10:29
ubuntu
ubuntu
Bind vulnerability
2016-01-19 00:00:00
Bind vulnerability
2015-12-15 00:00:00
centos
centos
bind97 security update
2016-01-27 13:29:51
bind97 security update
2015-12-16 20:24:27
bind, caching security update
2015-12-16 20:26:24
checkpoint_advisories
checkpoint_advisories
ISC BIND apl_42.c INSIST Assertion Failure Denial of Service (CVE-2015-8704)
2016-02-25 00:00:00
cve
cve
CVE-2015-8704
2016-01-20 15:59:00
CVE-2015-8000
2015-12-16 15:59:00
CVE-2015-5722
2015-09-05 02:59:00
freebsd
freebsd
bind -- denial of service vulnerability
2016-01-19 00:00:00
bind -- denial of service vulnerability
2015-08-19 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:27.bind
2015-12-16 00:00:00
osv
osv
bind9 - security update
2015-09-10 00:00:00
bind9 - security update
2015-12-17 00:00:00
bind9 - security update
2015-09-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:09:11
Denial Of Service (DoS)
2019-01-15 09:07:32
aix
aix
Vulnerability in BIND affects AIX,Vulnerability in BIND affects VIOS
2016-02-25 09:58:38
Vulnerability in BIND affects AIX,Vulnerability in BIND affects VIOS
2015-11-03 09:00:00
mageia
mageia
Updated bind packages fix security vulnerability
2015-12-20 12:15:38
JSON
Related for SUSE_SU-2016-0227-1.NASL
openvas47suse13redhat8nessus69oraclelinux12openwrt1debiancve3ubuntucve2fedora8f54prion2debian6ibm2ubuntu2centos5checkpoint_advisories1cve3freebsd2freebsd_advisory1osv3veracode2aix2mageia1