DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562310863377", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for bind FEDORA-2011-9127", "description": "The remote host is missing an update for the ", "published": "2011-07-27T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863377", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html", "2011-9127"], "cvelist": ["CVE-2011-2464", "CVE-2011-1910"], "lastseen": "2019-05-29T18:39:54", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2011:0845", "CESA-2011:0926"]}, {"type": "cert", "idList": ["VU:142646", "VU:795694"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-110"]}, {"type": "cisa", "idList": ["CISA:1FDBD9C529C199F875C503DF19FDE155", "CISA:49ADF3679AABE7F5EC72CB6B859EF95B"]}, {"type": "cve", "idList": ["CVE-2011-1910", "CVE-2011-2464"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2244-1:F8777", "DEBIAN:DSA-2272-1:98389"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-1910", "DEBIANCVE:CVE-2011-2464"]}, {"type": "f5", "idList": ["F5:K12985", "F5:K12986", "SOL12985", "SOL12986"]}, {"type": "fedora", "idList": ["FEDORA:2377A21046", "FEDORA:3181F210F7", "FEDORA:38E9C10FD1C", "FEDORA:3ECB211129F", "FEDORA:6C2E6110DED", "FEDORA:72E67110D35", "FEDORA:8968920FE6", "FEDORA:97C87167A60"]}, {"type": "freebsd", "idList": ["1E1421F0-8D6F-11E0-89B4-001EC9578670", "FD64188D-A71D-11E0-89B4-001EC9578670"]}, {"type": "gentoo", "idList": ["GLSA-201206-01"]}, {"type": "nessus", "idList": ["5933.PRM", "5982.PRM", "6039.PRM", "BIND9_980_P2.NASL", "BIND9_980_P4.NASL", "CENTOS_RHSA-2011-0845.NASL", "CENTOS_RHSA-2011-0926.NASL", "DEBIAN_DSA-2244.NASL", "DEBIAN_DSA-2272.NASL", "F5_BIGIP_SOL12985.NASL", "F5_BIGIP_SOL12986.NASL", "FEDORA_2011-7602.NASL", "FEDORA_2011-7617.NASL", "FEDORA_2011-7621.NASL", "FEDORA_2011-9127.NASL", "FEDORA_2011-9146.NASL", "FREEBSD_PKG_1E1421F08D6F11E089B4001EC9578670.NASL", "FREEBSD_PKG_FD64188DA71D11E089B4001EC9578670.NASL", "GENTOO_GLSA-201206-01.NASL", "HPUX_PHNE_42727.NASL", "MACOSX_10_7_2.NASL", "MACOSX_SECUPD2011-006.NASL", "MANDRIVA_MDVSA-2011-104.NASL", "MANDRIVA_MDVSA-2011-115.NASL", "NEWSTART_CGSL_NS-SA-2021-0017_BIND.NASL", "ORACLELINUX_ELSA-2011-0845.NASL", "ORACLELINUX_ELSA-2011-0926.NASL", "ORACLEVM_OVMSA-2017-0066.NASL", "ORACLEVM_OVMSA-2020-0021.NASL", "REDHAT-RHSA-2011-0845.NASL", "REDHAT-RHSA-2011-0926.NASL", "SLACKWARE_SSA_2011-147-01.NASL", "SLACKWARE_SSA_2011-189-01.NASL", "SLACKWARE_SSA_2011-224-01.NASL", "SL_20110531_BIND97_ON_SL5_X.NASL", "SL_20110531_BIND_ON_SL6_X.NASL", "SL_20110707_BIND_ON_SL5_X.NASL", "SUSE_11_3_BIND-110531.NASL", "SUSE_11_3_BIND-110706.NASL", "SUSE_11_4_BIND-110531.NASL", "SUSE_11_4_BIND-110706.NASL", "SUSE_11_BIND-110706.NASL", "SUSE_BIND-7551.NASL", "SUSE_BIND-7614.NASL", "UBUNTU_USN-1139-1.NASL", "UBUNTU_USN-1163-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122137", "OPENVAS:1361412562310122159", "OPENVAS:136141256231069742", "OPENVAS:136141256231069752", "OPENVAS:136141256231069771", "OPENVAS:136141256231069979", "OPENVAS:136141256231069993", "OPENVAS:136141256231071545", "OPENVAS:136141256231071944", "OPENVAS:136141256231071953", "OPENVAS:136141256231071963", "OPENVAS:1361412562310802336", "OPENVAS:1361412562310831414", "OPENVAS:1361412562310831426", "OPENVAS:1361412562310840669", "OPENVAS:1361412562310840694", "OPENVAS:1361412562310850168", "OPENVAS:1361412562310863170", "OPENVAS:1361412562310863269", "OPENVAS:1361412562310863278", "OPENVAS:1361412562310863351", "OPENVAS:1361412562310863644", "OPENVAS:1361412562310863645", "OPENVAS:1361412562310864462", "OPENVAS:1361412562310870441", "OPENVAS:1361412562310870451", "OPENVAS:1361412562310880517", "OPENVAS:1361412562310880529", "OPENVAS:1361412562310881240", "OPENVAS:1361412562310881251", "OPENVAS:69742", "OPENVAS:69752", "OPENVAS:69771", "OPENVAS:69979", "OPENVAS:69993", "OPENVAS:71545", "OPENVAS:71944", "OPENVAS:71953", "OPENVAS:71963", "OPENVAS:802336", "OPENVAS:831414", "OPENVAS:831426", "OPENVAS:840669", "OPENVAS:840694", "OPENVAS:850168", "OPENVAS:863170", "OPENVAS:863269", "OPENVAS:863278", "OPENVAS:863351", "OPENVAS:863377", "OPENVAS:863644", "OPENVAS:863645", "OPENVAS:864462", "OPENVAS:870441", "OPENVAS:870451", "OPENVAS:880517", "OPENVAS:880529", "OPENVAS:881240", "OPENVAS:881251"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0845", "ELSA-2011-0926", "ELSA-2011-1458"]}, {"type": "osv", "idList": ["OSV:DSA-2244-1", "OSV:DSA-2272-1"]}, {"type": "redhat", "idList": ["RHSA-2011:0845", "RHSA-2011:0926"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26430", "SECURITYVULNS:DOC:26605", "SECURITYVULNS:DOC:26628", "SECURITYVULNS:DOC:26629", "SECURITYVULNS:DOC:27155", "SECURITYVULNS:VULN:11701", "SECURITYVULNS:VULN:11761", "SECURITYVULNS:VULN:11973"]}, {"type": "seebug", "idList": ["SSV:20595", "SSV:20706"]}, {"type": "slackware", "idList": ["SSA-2011-147-01", "SSA-2011-189-01", "SSA-2011-224-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0788-1", "SUSE-SA:2011:029", "SUSE-SU-2011:0608-1", "SUSE-SU-2011:0759-1"]}, {"type": "threatpost", "idList": ["THREATPOST:B10800CA8727ACCCEBAEC24EF4ED6E27"]}, {"type": "ubuntu", "idList": ["USN-1139-1", "USN-1163-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-1910", "UB:CVE-2011-2464"]}, {"type": "veracode", "idList": ["VERACODE:24738"]}]}, "score": {"value": -0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2011:0845", "CESA-2011:0926"]}, {"type": "cert", "idList": ["VU:142646"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-110"]}, {"type": "cisa", "idList": ["CISA:1FDBD9C529C199F875C503DF19FDE155"]}, {"type": "cve", "idList": ["CVE-2011-1910", "CVE-2011-2464"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2272-1:98389"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-1910"]}, {"type": "f5", "idList": ["F5:K12985", "SOL12985", "SOL12986"]}, {"type": "fedora", "idList": ["FEDORA:8968920FE6"]}, {"type": "freebsd", "idList": ["1E1421F0-8D6F-11E0-89B4-001EC9578670", "FD64188D-A71D-11E0-89B4-001EC9578670"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2011-0926.NASL", "ORACLEVM_OVMSA-2020-0021.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122137", "OPENVAS:71963", "OPENVAS:863645", "OPENVAS:870441"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0926"]}, {"type": "redhat", "idList": ["RHSA-2011:0926"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26629", "SECURITYVULNS:DOC:27155"]}, {"type": "seebug", "idList": ["SSV:20595"]}, {"type": "slackware", "idList": ["SSA-2011-147-01"]}, {"type": "suse", "idList": ["SUSE-SA:2011:029"]}, {"type": "ubuntu", "idList": ["USN-1139-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2464"]}]}, "exploitation": null, "vulnersScore": -0.2}, "pluginID": "1361412562310863377", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-9127\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863377\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-9127\");\n script_cve_id(\"CVE-2011-2464\", \"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-9127\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"bind on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.3.b1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660004461, "score": 1660010187}, "_internal": {"score_hash": "cab3ce8ff0751f6c18da68ed79f2ed97"}}

{"slackware": [{"lastseen": "2021-07-28T14:46:26", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n\npatches/packages/bind-9.7.4-i486-1_slack13.37.txz: Upgraded.\n This BIND update addresses a couple of security issues:\n * named, set up to be a caching resolver, is vulnerable to a user\n querying a domain with very large resource record sets (RRSets)\n when trying to negatively cache the response. Due to an off-by-one\n error, caching the response could cause named to crash. [RT #24650]\n [CVE-2011-1910]\n * Change #2912 (see CHANGES) exposed a latent bug in the DNS message\n processing code that could allow certain UPDATE requests to crash\n named. [RT #24777] [CVE-2011-2464]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R5-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R5-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R5-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R5-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.4-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.4-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\ndc89ecedef601f734fd45daa5bdcd7d9 bind-9.4_ESV_R5-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\nd3bfca586ce41793538cec589ec5e885 bind-9.4_ESV_R5-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\nf515e3b8a2b22e1ba39735951f384bfe bind-9.4_ESV_R5-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\nbaefa4932cef962cd911dc4d963f014e bind-9.4_ESV_R5-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n8dabc6e5022b1135a9ba8a0aca654233 bind-9.4_ESV_R5-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\nb956f174f5804d04afe9f922e6dce047 bind-9.4_ESV_R5-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n71b7dea3e090840d319ee14bae47066e bind-9.4_ESV_R5-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\na62f276534e0528ff72e619fd6693a9c bind-9.4_ESV_R5-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n2687b1d88aa9098f8c2f17b0a2305922 bind-9.4_ESV_R5-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n400f63e3904f17878ffcfb708dc2441e bind-9.4_ESV_R5-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n09ef7f2dc543effe1c6867403f577c31 bind-9.4_ESV_R5-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n54a40e83d4fbdc6ad5cb6a6f675c32a5 bind-9.4_ESV_R5-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n892a69decaf20b0fdbb3c26e350f4091 bind-9.4_ESV_R5-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\nc0455392827bbab32f2f61efad86d306 bind-9.4_ESV_R5-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\ndd9c61c7937d6962644f3ab3b6827e9c bind-9.7.4-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n5b1a647dbb9650dfcaf60e17c9de5c6b bind-9.7.4-x86_64-1_slack13.37.txz\n\nSlackware -current package:\n8de3690d50448e07641ab56781809fb3 n/bind-9.7.4-i486-1.txz\n\nSlackware x86_64 -current package:\n052dc19a356df332d355581aa1d798f6 n/bind-9.7.4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.7.4-i486-1_slack13.37.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "cvss3": {}, "published": "2011-08-13T00:34:14", "type": "slackware", "title": "[slackware-security] bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-2464"], "modified": "2011-08-13T00:34:14", "id": "SSA-2011-224-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.662839", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:28", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n\npatches/packages/bind-9.7.3_P1-i486-1_slack13.37.txz: Upgraded.\n This release fixes security issues:\n * A large RRSET from a remote authoritative server that results in\n the recursive resolver trying to negatively cache the response can\n hit an off by one code error in named, resulting in named crashing.\n [RT #24650] [CVE-2011-1910]\n * Zones that have a DS record in the parent zone but are also listed\n in a DLV and won't validate without DLV could fail to validate. [RT\n #24631]\n For more information, see:\n http://www.isc.org/software/bind/advisories/cve-2011-1910\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R4_P1-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R4_P1-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R4_P1-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.3_P1-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R4_P1-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.3_P1-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.3_P1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.3_P1-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\n8aa76355e5ce1432688a18f2fe354533 bind-9.4_ESV_R4_P1-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\n8ef7d9bd5dab0da250a505c4e5836095 bind-9.4_ESV_R4_P1-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\na85a3d84d502a4523259783636bd95d1 bind-9.4_ESV_R4_P1-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n52ebf11a85312213a8aac6a7d47e7366 bind-9.4_ESV_R4_P1-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n53f8132077bd77fb818b402030d10ff8 bind-9.4_ESV_R4_P1-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n75f1f4be1eb53356bf0375d06cb94e8e bind-9.4_ESV_R4_P1-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n0064358785c0d118600d75a58005a944 bind-9.4_ESV_R4_P1-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n152ca0eb0b0e1e16a3d4fc6de1b4fa11 bind-9.4_ESV_R4_P1-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n6162c65c46f3e52de36c19d1ebe880d1 bind-9.4_ESV_R4_P1-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n82441358f2653c2b6c8feebe4274c8de bind-9.4_ESV_R4_P1-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n697e60fcdf95e468a9c51beefc444992 bind-9.4_ESV_R4_P1-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n322abb43ddd20aabccaa2bfa2433aa9c bind-9.4_ESV_R4_P1-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nd7d4386738483088b4ef6d6f72f18478 bind-9.4_ESV_R4_P1-i486-1_slack13.1.txz\n\nSlackware 13.37 package:\n98dccb44c9193d8e8392e28db9cdca5d bind-9.7.3_P1-i486-1_slack13.37.txz\n\nSlackware x86_64 13.1 package:\na7faea792671b6a60c7a386907b8e143 bind-9.4_ESV_R4_P1-x86_64-1_slack13.1.txz\n\nSlackware x86_64 13.37 package:\n58c7dd0fc47d0e0eeeb2e6a3663a8507 bind-9.7.3_P1-x86_64-1_slack13.37.txz\n\nSlackware -current package:\nb720d39eee93e2681532a6db509c3fd8 n/bind-9.7.3_P1-i486-1.txz\n\nSlackware x86_64 -current package:\n9ffcbc127fb1bfa67b75b77ceba123a9 n/bind-9.7.3_P1-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.7.3_P1-i486-1_slack13.37.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "cvss3": {}, "published": "2011-05-28T01:14:25", "type": "slackware", "title": "[slackware-security] bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-28T01:14:25", "id": "SSA-2011-147-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.685026", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:27", "description": "New bind packages are available for Slackware 13.37, and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n\npatches/packages/bind-9.7.3_P3-i486-1_slack13.37.txz: Upgraded.\n A specially constructed packet will cause BIND 9 (\"named\") to exit,\n affecting DNS service. The issue exists in BIND 9.6.3 and newer.\n \"Change #2912 (see CHANGES) exposed a latent bug in the DNS message\n processing code that could allow certain UPDATE requests to crash\n named. This was fixed by disambiguating internal database\n representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]\"\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.3_P3-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.3_P3-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.3_P3-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.3_P3-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.37 package:\n6aa159ec74146d5794cd46075541405c bind-9.7.3_P3-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n08abf6bfffc52c0a392658ebd3fa046c bind-9.7.3_P3-x86_64-1_slack13.37.txz\n\nSlackware -current package:\ne5e1be017f8204ba3e3b4ad9e30f3714 n/bind-9.7.3_P3-i486-1.txz\n\nSlackware x86_64 -current package:\n3d1e556bc5a7646cf331398a8f09d582 n/bind-9.7.3_P3-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.7.3_P3-i486-1_slack13.37.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "cvss3": {}, "published": "2011-07-08T19:18:53", "type": "slackware", "title": "[slackware-security] bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-08T19:18:53", "id": "SSA-2011-189-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.377171", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-25T10:55:18", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-07-27T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-9127", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863377", "href": "http://plugins.openvas.org/nasl.php?oid=863377", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-9127\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 14\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html\");\n script_id(863377);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-9127\");\n script_cve_id(\"CVE-2011-2464\", \"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-9127\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.3.b1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-224-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-224-01 bind", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231071963", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071963", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_224_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-224-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71963\");\n script_cve_id(\"CVE-2011-1910\", \"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:18 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-224-01 bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1|13\\.37)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-224-01\");\n\n script_tag(name:\"insight\", value:\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2011-224-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.4-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:50:47", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-224-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-224-01 bind ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-1910"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:71963", "href": "http://plugins.openvas.org/nasl.php?oid=71963", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_224_01.nasl 6581 2017-07-06 13:58:51Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-224-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2011-224-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-224-01\";\n \nif(description)\n{\n script_id(71963);\n script_cve_id(\"CVE-2011-1910\", \"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6581 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:58:51 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:18 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-224-01 bind \");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.7.4-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-16002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-4313", "CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863645", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863645", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-16002\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863645\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-28 12:48:19 +0530 (Mon, 28 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-16002\");\n script_cve_id(\"CVE-2011-4313\", \"CVE-2011-1910\", \"CVE-2011-2464\");\n script_name(\"Fedora Update for bind FEDORA-2011-16002\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"bind on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~2.P1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-18T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-9146", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465", "CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863351", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-9146\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863351\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-9146\");\n script_cve_id(\"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\");\n script_name(\"Fedora Update for bind FEDORA-2011-9146\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"bind on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.0~7.P4.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:55:52", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-16002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-4313", "CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863645", "href": "http://plugins.openvas.org/nasl.php?oid=863645", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-16002\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 14\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html\");\n script_id(863645);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-28 12:48:19 +0530 (Mon, 28 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-16002\");\n script_cve_id(\"CVE-2011-4313\", \"CVE-2011-1910\", \"CVE-2011-2464\");\n script_name(\"Fedora Update for bind FEDORA-2011-16002\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~2.P1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:20", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-07-18T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-9146", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465", "CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863351", "href": "http://plugins.openvas.org/nasl.php?oid=863351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-9146\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 15\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html\");\n script_id(863351);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-9146\");\n script_cve_id(\"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\");\n script_name(\"Fedora Update for bind FEDORA-2011-9146\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.0~7.P4.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:26", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2011:0845-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870441", "href": "http://plugins.openvas.org/nasl.php?oid=870441", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2011:0845-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n An off-by-one flaw was found in the way BIND processed negative responses\n with large resource record sets (RRSets). An attacker able to send\n recursive queries to a BIND server that is configured as a caching\n resolver could use this flaw to cause named to exit with an assertion\n failure. (CVE-2011-1910)\n \n All BIND users are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\n\ntag_affected = \"bind on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00036.html\");\n script_id(870441);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0845-01\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"RedHat Update for bind RHSA-2011:0845-01\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0845 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880529", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880529", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0845 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017599.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880529\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0845\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"CentOS Update for bind97 CESA-2011:0845 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"bind97 on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n An off-by-one flaw was found in the way BIND processed negative responses\n with large resource record sets (RRSets). An attacker able to send\n recursive queries to a BIND server that is configured as a caching\n resolver could use this flaw to cause named to exit with an assertion\n failure. (CVE-2011-1910)\n\n All BIND users are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:13:29", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bind9-sdb-ldap, bind9-sdb-postgresql", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69752", "href": "http://plugins.openvas.org/nasl.php?oid=69752", "sourceData": "#\n#VID 1e1421f0-8d6f-11e0-89b4-001ec9578670\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 1e1421f0-8d6f-11e0-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n bind9-sdb-ldap\n bind9-sdb-postgresql\n bind96\n bind97\n bind98\n\nCVE-2011-1910\nOff-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x\nbefore 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before\n9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n(assertion failure and daemon exit) via a negative response containing\nlarge RRSIG RRsets.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.isc.org/software/bind/advisories/cve-2011-1910\nhttp://www.vuxml.org/freebsd/1e1421f0-8d6f-11e0-89b4-001ec9578670.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(69752);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"FreeBSD Ports: bind9-sdb-ldap, bind9-sdb-postgresql\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"bind9-sdb-ldap\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.4.3.4\")<0) {\n txt += 'Package bind9-sdb-ldap version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind9-sdb-postgresql\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.4.3.4\")<0) {\n txt += 'Package bind9-sdb-postgresql version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R4.1\")<0) {\n txt += 'Package bind96 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.3.1\")<0) {\n txt += 'Package bind97 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.0.2\")<0) {\n txt += 'Package bind98 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-147-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-147-01 bind", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231071944", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071944", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_147_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-147-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71944\");\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:16 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-147-01 bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1|13\\.37)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-147-01\");\n\n script_tag(name:\"insight\", value:\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2011-147-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.3_P1-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:55:25", "description": "Check for the Version of bind97", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0845 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880529", "href": "http://plugins.openvas.org/nasl.php?oid=880529", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0845 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n An off-by-one flaw was found in the way BIND processed negative responses\n with large resource record sets (RRSets). An attacker able to send\n recursive queries to a BIND server that is configured as a caching\n resolver could use this flaw to cause named to exit with an assertion\n failure. (CVE-2011-1910)\n \n All BIND users are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind97 on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017599.html\");\n script_id(880529);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0845\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"CentOS Update for bind97 CESA-2011:0845 centos5 i386\");\n\n script_summary(\"Check for the Version of bind97\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0845 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0845 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-May/017600.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881251\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:11:57 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0845\");\n script_name(\"CentOS Update for bind97 CESA-2011:0845 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"bind97 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n An off-by-one flaw was found in the way BIND processed negative responses\n with large resource record sets (RRSets). An attacker able to send\n recursive queries to a BIND server that is configured as a caching\n resolver could use this flaw to cause named to exit with an assertion\n failure. (CVE-2011-1910)\n\n All BIND users are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:13", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-147-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-147-01 bind ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:71944", "href": "http://plugins.openvas.org/nasl.php?oid=71944", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_147_01.nasl 6581 2017-07-06 13:58:51Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-147-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2011-147-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-147-01\";\n \nif(description)\n{\n script_id(71944);\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6581 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:58:51 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:16 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-147-01 bind \");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4_P1-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.7.3_P1-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:43", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory FreeBSD-SA-11:02.bind.asc", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-11:02.bind.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069771", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069771", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsdsa_bind10.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from ADV FreeBSD-SA-11:02.bind.asc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69771\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Security Advisory (FreeBSD-SA-11:02.bind.asc)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdpatchlevel\");\n\n script_tag(name:\"insight\", value:\"BIND 9 is an implementation of the Domain Name System (DNS) protocols.\nThe named(8) daemon is an Internet Domain Name Server.\n\nDNS Security Extensions (DNSSEC) provides data integrity, origin\nauthentication and authenticated denial of existence to resolvers.\n\nVery large RRSIG RRsets included in a negative response can trigger\nan assertion failure that will crash named(8) due to an off-by-one error\nin a buffer size check.\");\n\n script_tag(name:\"solution\", value:\"Upgrade your system to the appropriate stable release\n or security branch dated after the correction date.\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-11:02.bind.asc\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory FreeBSD-SA-11:02.bind.asc\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\n\nif(patchlevelcmp(rel:\"7.3\", patchlevel:\"6\")<0) {\n vuln = TRUE;\n}\nif(patchlevelcmp(rel:\"7.4\", patchlevel:\"2\")<0) {\n vuln = TRUE;\n}\nif(patchlevelcmp(rel:\"8.1\", patchlevel:\"4\")<0) {\n vuln = TRUE;\n}\nif(patchlevelcmp(rel:\"8.2\", patchlevel:\"2\")<0) {\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(port:0);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:23", "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2244-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2244-1 (bind9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69742", "href": "http://plugins.openvas.org/nasl.php?oid=69742", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2244_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2244-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that BIND, an implementation of the DNS protocol,\ndoes not correctly process certain large RRSIG record sets in DNSSEC\nresponses. The resulting assertion failure causes the name server\nprocess to crash, making name resolution unavailable. (CVE-2011-1910)\n\nIn addition, this update fixes handling of certain signed/unsigned\nzone combinations when a DLV service is used. Previously, data from\ncertain affected zones could become unavailable from the resolver.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny2.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze2.\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 2244-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202244-1\";\n\n\nif(description)\n{\n script_id(69742);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Debian Security Advisory DSA 2244-1 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns58\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:53", "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2244-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2244-1 (bind9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069742", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069742", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2244_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2244-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69742\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Debian Security Advisory DSA 2244-1 (bind9)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202244-1\");\n script_tag(name:\"insight\", value:\"It was discovered that BIND, an implementation of the DNS protocol,\ndoes not correctly process certain large RRSIG record sets in DNSSEC\nresponses. The resulting assertion failure causes the name server\nprocess to crash, making name resolution unavailable. (CVE-2011-1910)\n\nIn addition, this update fixes handling of certain signed/unsigned\nzone combinations when a DLV service is used. Previously, data from\ncertain affected zones could become unavailable from the resolver.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny2.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze2.\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed soon.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your bind9 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to bind9\nannounced via advisory DSA 2244-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns58\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bind9-sdb-ldap, bind9-sdb-postgresql", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069752", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069752", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_bind9-sdb-ldap.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 1e1421f0-8d6f-11e0-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69752\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"FreeBSD Ports: bind9-sdb-ldap, bind9-sdb-postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n bind9-sdb-ldap\n bind9-sdb-postgresql\n bind96\n bind97\n bind98\n\nCVE-2011-1910\nOff-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x\nbefore 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before\n9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n(assertion failure and daemon exit) via a negative response containing\nlarge RRSIG RRsets.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.isc.org/software/bind/advisories/cve-2011-1910\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/1e1421f0-8d6f-11e0-89b4-001ec9578670.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"bind9-sdb-ldap\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.4.3.4\")<0) {\n txt += 'Package bind9-sdb-ldap version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind9-sdb-postgresql\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.4.3.4\")<0) {\n txt += 'Package bind9-sdb-postgresql version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R4.1\")<0) {\n txt += 'Package bind96 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.3.1\")<0) {\n txt += 'Package bind97 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.0.2\")<0) {\n txt += 'Package bind98 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-7602", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863278", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-7602\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061401.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863278\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-7602\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-7602\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"bind on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.2.b1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-08T12:58:40", "description": "Check for the Version of bind97", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0845 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:881251", "href": "http://plugins.openvas.org/nasl.php?oid=881251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0845 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n An off-by-one flaw was found in the way BIND processed negative responses\n with large resource record sets (RRSets). An attacker able to send\n recursive queries to a BIND server that is configured as a caching\n resolver could use this flaw to cause named to exit with an assertion\n failure. (CVE-2011-1910)\n \n All BIND users are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\n\ntag_affected = \"bind97 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-May/017600.html\");\n script_id(881251);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:11:57 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0845\");\n script_name(\"CentOS Update for bind97 CESA-2011:0845 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind97\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:36", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:104 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831414", "href": "http://plugins.openvas.org/nasl.php?oid=831414", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:104 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been identified and fixed in ISC BIND:\n\n Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x\n before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before\n 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n (assertion failure and daemon exit) via a negative response containing\n large RRSIG RRsets (CVE-2011-1910).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php\\?cPath=149\\&amp;amp;products_id=490\n \n The updated packages have been patched to correct this issue. For\n 2010.2 ISC BIND was upgraded to 9.7.3-P1 which is not vulnerable to\n this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-06/msg00000.php\");\n script_id(831414);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:104\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Mandriva Update for bind MDVSA-2011:104 (bind)\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2011:0845-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870441", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870441", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2011:0845-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-May/msg00036.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870441\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:0845-01\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"RedHat Update for bind RHSA-2011:0845-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n An off-by-one flaw was found in the way BIND processed negative responses\n with large resource record sets (RRSets). An attacker able to send\n recursive queries to a BIND server that is configured as a caching\n resolver could use this flaw to cause named to exit with an assertion\n failure. (CVE-2011-1910)\n\n All BIND users are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:13:32", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-11:02.bind.asc", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-11:02.bind.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69771", "href": "http://plugins.openvas.org/nasl.php?oid=69771", "sourceData": "#\n#ADV FreeBSD-SA-11:02.bind.asc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from ADV FreeBSD-SA-11:02.bind.asc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_insight = \"BIND 9 is an implementation of the Domain Name System (DNS) protocols.\nThe named(8) daemon is an Internet Domain Name Server.\n\nDNS Security Extensions (DNSSEC) provides data integrity, origin\nauthentication and authenticated denial of existence to resolvers.\n\nVery large RRSIG RRsets included in a negative response can trigger\nan assertion failure that will crash named(8) due to an off-by-one error\nin a buffer size check.\";\ntag_solution = \"Upgrade your system to the appropriate stable release\nor security branch dated after the correction date\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-11:02.bind.asc\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-11:02.bind.asc\";\n\n\nif(description)\n{\n script_id(69771);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Security Advisory (FreeBSD-SA-11:02.bind.asc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdpatchlevel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\nif(patchlevelcmp(rel:\"7.3\", patchlevel:\"6\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.4\", patchlevel:\"2\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"8.1\", patchlevel:\"4\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"8.2\", patchlevel:\"2\")<0) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:52", "description": "Oracle Linux Local Security Checks ELSA-2011-0845", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0845", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0845.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122159\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0845\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0845 - bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0845\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0845.html\");\n script_cve_id(\"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~2.el6_1.P1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.7.3~2.el6_1.P1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~2.el6_1.P1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.3~2.el6_1.P1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.7.3~2.el6_1.P1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~2.el6_1.P1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-7617", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-7617\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061082.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863170\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-7617\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-7617\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"bind on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.0~5.P2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:104 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831414", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:104 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-06/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831414\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:104\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Mandriva Update for bind MDVSA-2011:104 (bind)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2009\\.0)\");\n script_tag(name:\"affected\", value:\"bind on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability has been identified and fixed in ISC BIND:\n\n Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x\n before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before\n 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n (assertion failure and daemon exit) via a negative response containing\n large RRSIG RRsets (CVE-2011-1910).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been patched to correct this issue. For\n 2010.2 ISC BIND was upgraded to 9.7.3-P1 which is not vulnerable to\n this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php\\?cPath=149\\&amp;amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.3mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P1.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:55:44", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-7602", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863278", "href": "http://plugins.openvas.org/nasl.php?oid=863278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-7602\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 14\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061401.html\");\n script_id(863278);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-7602\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-7602\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.4~0.2.b1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:50", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-7617", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863170", "href": "http://plugins.openvas.org/nasl.php?oid=863170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-7617\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 15\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061082.html\");\n script_id(863170);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-12 08:00:26 +0200 (Tue, 12 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-7617\");\n script_cve_id(\"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-7617\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.0~5.P2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2011:0926-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870451", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870451", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2011:0926-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-July/msg00003.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870451\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:0926-01\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"RedHat Update for bind RHSA-2011:0926-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS requests. A\n remote attacker could use this flaw to send a specially-crafted DNS request\n packet to BIND, causing it to exit unexpectedly due to a failed assertion.\n (CVE-2011-2464)\n\n Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\n Enterprise Linux 6, are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:28", "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2272-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2272-1 (bind9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069979", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069979", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2272_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2272-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69979\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 2272-1 (bind9)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202272-1\");\n script_tag(name:\"insight\", value:\"It was discovered that BIND, a DNS server, does not correctly process\ncertain UPDATE requests, resulting in a server crash and a denial of\nservice. This vulnerability affects BIND installations even if they\ndo not actually use dynamic DNS updates.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze3.\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed later.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your bind9 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to bind9\nannounced via advisory DSA 2272-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns58\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:15", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-189-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-189-01 bind ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:71953", "href": "http://plugins.openvas.org/nasl.php?oid=71953", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_189_01.nasl 6581 2017-07-06 13:58:51Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-189-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New bind packages are available for Slackware 13.37, and -current to\nfix a security issue.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2011-189-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-189-01\";\n \nif(description)\n{\n script_id(71953);\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6581 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:58:51 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:17 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-189-01 bind \");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.7.3_P3-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:49", "description": "Check for the Version of bind97", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0926 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880517", "href": "http://plugins.openvas.org/nasl.php?oid=880517", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0926 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS requests. A\n remote attacker could use this flaw to send a specially-crafted DNS request\n packet to BIND, causing it to exit unexpectedly due to a failed assertion.\n (CVE-2011-2464)\n \n Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\n Enterprise Linux 6, are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind97 on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-July/017643.html\");\n script_id(880517);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0926\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"CentOS Update for bind97 CESA-2011:0926 centos5 i386\");\n\n script_summary(\"Check for the Version of bind97\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0926 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880517", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880517", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0926 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-July/017643.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880517\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0926\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"CentOS Update for bind97 CESA-2011:0926 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"bind97 on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS requests. A\n remote attacker could use this flaw to send a specially-crafted DNS request\n packet to BIND, causing it to exit unexpectedly due to a failed assertion.\n (CVE-2011-2464)\n\n Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\n Enterprise Linux 6, are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:34", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1163-1", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1163-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1163_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for bind9 USN-1163-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1163-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840694\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1163-1\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"Ubuntu Update for bind9 USN-1163-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1163-1\");\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Bind incorrectly handled certain specially crafted\n packets. A remote attacker could use this flaw to cause Bind to stop\n responding, resulting in a denial of service.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns66\", ver:\"1:9.7.1.dfsg.P2-2ubuntu0.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1ubuntu2.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns36\", ver:\"1:9.4.2.dfsg.P2-2ubuntu0.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0926 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881240", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881240", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0926 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-July/017644.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881240\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:08:03 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0926\");\n script_name(\"CentOS Update for bind97 CESA-2011:0926 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"bind97 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS requests. A\n remote attacker could use this flaw to send a specially-crafted DNS request\n packet to BIND, causing it to exit unexpectedly due to a failed assertion.\n (CVE-2011-2464)\n\n Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\n Enterprise Linux 6, are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-22T00:00:00", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:115 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831426", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831426", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:115 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-07/msg00004.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831426\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-22 14:44:51 +0200 (Fri, 22 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:115\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"Mandriva Update for bind MDVSA-2011:115 (bind)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2009\\.0)\");\n script_tag(name:\"affected\", value:\"bind on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability was discovered and corrected in bind:\n\n Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3,\n 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote\n attackers to cause a denial of service (named daemon crash) via a\n crafted UPDATE request (CVE-2011-2464).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been upgraded to bind 9.7.3-P3 which is\n not vulnerable to this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:27:17", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1163-1", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1163-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840694", "href": "http://plugins.openvas.org/nasl.php?oid=840694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1163_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for bind9 USN-1163-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Bind incorrectly handled certain specially crafted\n packets. A remote attacker could use this flaw to cause Bind to stop\n responding, resulting in a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1163-1\";\ntag_affected = \"bind9 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1163-1/\");\n script_id(840694);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1163-1\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"Ubuntu Update for bind9 USN-1163-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns66\", ver:\"1:9.7.1.dfsg.P2-2ubuntu0.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1ubuntu2.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns36\", ver:\"1:9.4.2.dfsg.P2-2ubuntu0.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:00", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bind96", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069993", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069993", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_bind96.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID fd64188d-a71d-11e0-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69993\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: bind96\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n bind96\n bind97\n bind98\n\nCVE-2011-2464\nUnspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3,\n9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote\nattackers to cause a denial of service (named daemon crash) via a\ncrafted UPDATE request.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"https://www.isc.org/software/bind/advisories/cve-2011-2464\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/fd64188d-a71d-11e0-89b4-001ec9578670.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R4.3\")<0) {\n txt += 'Package bind96 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.3.3\")<0) {\n txt += 'Package bind97 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.0.4\")<0) {\n txt += 'Package bind98 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:13:42", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bind96", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69993", "href": "http://plugins.openvas.org/nasl.php?oid=69993", "sourceData": "#\n#VID fd64188d-a71d-11e0-89b4-001ec9578670\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID fd64188d-a71d-11e0-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n bind96\n bind97\n bind98\n\nCVE-2011-2464\nUnspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3,\n9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote\nattackers to cause a denial of service (named daemon crash) via a\ncrafted UPDATE request.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://www.isc.org/software/bind/advisories/cve-2011-2464\nhttp://www.vuxml.org/freebsd/fd64188d-a71d-11e0-89b4-001ec9578670.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(69993);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: bind96\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R4.3\")<0) {\n txt += 'Package bind96 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.3.3\")<0) {\n txt += 'Package bind97 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.0.4\")<0) {\n txt += 'Package bind98 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:36", "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2272-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2272-1 (bind9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69979", "href": "http://plugins.openvas.org/nasl.php?oid=69979", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2272_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2272-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that BIND, a DNS server, does not correctly process\ncertain UPDATE requests, resulting in a server crash and a denial of\nservice. This vulnerability affects BIND installations even if they\ndo not actually use dynamic DNS updates.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze3.\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed later.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 2272-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202272-1\";\n\n\nif(description)\n{\n script_id(69979);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 2272-1 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns58\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.6.ESV.R4+dfsg-0+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:24", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2011:0926-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870451", "href": "http://plugins.openvas.org/nasl.php?oid=870451", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2011:0926-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS requests. A\n remote attacker could use this flaw to send a specially-crafted DNS request\n packet to BIND, causing it to exit unexpectedly due to a failed assertion.\n (CVE-2011-2464)\n \n Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\n Enterprise Linux 6, are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\n\ntag_affected = \"bind on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-July/msg00003.html\");\n script_id(870451);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0926-01\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"RedHat Update for bind RHSA-2011:0926-01\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:20", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-07-22T00:00:00", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2011:115 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831426", "href": "http://plugins.openvas.org/nasl.php?oid=831426", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2011:115 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered and corrected in bind:\n\n Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3,\n 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote\n attackers to cause a denial of service (named daemon crash) via a\n crafted UPDATE request (CVE-2011-2464).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;amp;products_id=490\n \n The updated packages have been upgraded to bind 9.7.3-P3 which is\n not vulnerable to this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-07/msg00004.php\");\n script_id(831426);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-22 14:44:51 +0200 (Fri, 22 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:115\");\n script_cve_id(\"CVE-2011-2464\");\n script_name(\"Mandriva Update for bind MDVSA-2011:115 (bind)\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P3.1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P3.1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~0.0.P3.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:18", "description": "Check for the Version of bind97", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for bind97 CESA-2011:0926 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:881240", "href": "http://plugins.openvas.org/nasl.php?oid=881240", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2011:0926 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n A flaw was discovered in the way BIND handled certain DNS requests. A\n remote attacker could use this flaw to send a specially-crafted DNS request\n packet to BIND, causing it to exit unexpectedly due to a failed assertion.\n (CVE-2011-2464)\n \n Users of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\n Enterprise Linux 6, are advised to upgrade to these updated packages, which\n resolve this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\n\ntag_affected = \"bind97 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-July/017644.html\");\n script_id(881240);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:08:03 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0926\");\n script_name(\"CentOS Update for bind97 CESA-2011:0926 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind97\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:31", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-189-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-189-01 bind", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231071953", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071953", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_189_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-189-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71953\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:17 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-189-01 bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK13\\.37\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-189-01\");\n\n script_tag(name:\"insight\", value:\"New bind packages are available for Slackware 13.37, and -current to\nfix a security issue.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2011-189-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.3_P3-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:07", "description": "Oracle Linux Local Security Checks ELSA-2011-0926", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0926", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0926.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122137\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:13:39 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0926\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0926 - bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0926\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0926.html\");\n script_cve_id(\"CVE-2011-2464\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~6.P2.el5_6.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~6.P2.el5_6.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~6.P2.el5_6.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~6.P2.el5_6.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~6.P2.el5_6.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~2.el6_1.P3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.7.3~2.el6_1.P3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3~2.el6_1.P3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.3~2.el6_1.P3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.7.3~2.el6_1.P3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3~2.el6_1.P3.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-16036", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4313", "CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863644", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863644", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-16036\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863644\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-28 12:47:47 +0530 (Mon, 28 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-16036\");\n script_cve_id(\"CVE-2011-4313\", \"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-16036\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"bind on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.1~3.P1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:26:38", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1139-1", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1139-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3762", "CVE-2011-1910"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840669", "href": "http://plugins.openvas.org/nasl.php?oid=840669", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1139_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for bind9 USN-1139-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Bind incorrectly handled certain bad signatures if\n multiple trust anchors existed for a single zone. A remote attacker could\n use this flaw to cause Bind to stop responding, resulting in a denial of\n service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS.\n (CVE-2010-3762)\n\n Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled\n certain very large RRSIG RRsets included in negative responses. A remote\n attacker could use this flaw to cause Bind to stop responding, resulting in\n a denial of service. (CVE-2011-1910)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1139-1\";\ntag_affected = \"bind9 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1139-1/\");\n script_id(840669);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1139-1\");\n script_cve_id(\"CVE-2010-3762\", \"CVE-2011-1910\");\n script_name(\"Ubuntu Update for bind9 USN-1139-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns66\", ver:\"1:9.7.1.dfsg.P2-2ubuntu0.3\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1ubuntu2.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns36\", ver:\"1:9.4.2.dfsg.P2-2ubuntu0.7\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-7621", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0213", "CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863269", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863269", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-7621\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061405.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863269\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-7621\");\n script_cve_id(\"CVE-2011-1910\", \"CVE-2010-0213\");\n script_name(\"Fedora Update for bind FEDORA-2011-7621\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"bind on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~2.P1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:55:44", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-7621", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0213", "CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863269", "href": "http://plugins.openvas.org/nasl.php?oid=863269", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-7621\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 13\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061405.html\");\n script_id(863269);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-7621\");\n script_cve_id(\"CVE-2011-1910\", \"CVE-2010-0213\");\n script_name(\"Fedora Update for bind FEDORA-2011-7621\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3~2.P1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:35", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2011-16036", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4313", "CVE-2011-1910"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863644", "href": "http://plugins.openvas.org/nasl.php?oid=863644", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2011-16036\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 15\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html\");\n script_id(863644);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-28 12:47:47 +0530 (Mon, 28 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-16036\");\n script_cve_id(\"CVE-2011-4313\", \"CVE-2011-1910\");\n script_name(\"Fedora Update for bind FEDORA-2011-16036\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.1~3.P1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:35", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1139-1", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1139-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3762", "CVE-2011-1910"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840669", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840669", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1139_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for bind9 USN-1139-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1139-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840669\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1139-1\");\n script_cve_id(\"CVE-2010-3762\", \"CVE-2011-1910\");\n script_name(\"Ubuntu Update for bind9 USN-1139-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1139-1\");\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Bind incorrectly handled certain bad signatures if\n multiple trust anchors existed for a single zone. A remote attacker could\n use this flaw to cause Bind to stop responding, resulting in a denial of\n service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS.\n (CVE-2010-3762)\n\n Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled\n certain very large RRSIG RRsets included in negative responses. A remote\n attacker could use this flaw to cause Bind to stop responding, resulting in\n a denial of service. (CVE-2011-1910)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns66\", ver:\"1:9.7.1.dfsg.P2-2ubuntu0.3\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1ubuntu2.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libdns36\", ver:\"1:9.4.2.dfsg.P2-2ubuntu0.7\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:43:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-18T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for bind (SUSE-SA:2011:029)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850168", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850168", "sourceData": "# Copyright (C) 2011 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850168\");\n script_version(\"2020-01-31T08:40:24+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:40:24 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"SUSE-SA\", value:\"2011-029\");\n script_cve_id(\"CVE-2011-2464\", \"CVE-2011-2465\");\n script_name(\"SUSE: Security Advisory for bind (SUSE-SA:2011:029)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE11\\.3)\");\n\n script_tag(name:\"impact\", value:\"remote denial of service\");\n\n script_tag(name:\"affected\", value:\"bind on openSUSE 11.3, openSUSE 11.4\");\n\n script_tag(name:\"insight\", value:\"A remote Denial of Service vulnerability has been fixed in the BIND\n DNS nameserver.\n\n Specially crafted packets could cause bind servers (recursive as well\n as authoritative) to exit. CVE-2011-2464\n\n This issue affected bind 9.6 and later, so SUSE Linux Enterprise\n 10 SP4, SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 and 11.4\n were affected.\n\n Older service packs / products are not affected by CVE-2011-2464.\n\n\n Please also note that the other currently published security issue,\n CVE-2011-2465, affected only BIND versions 9.8.0 and later, which none\n of our current products include, making all of them not affected by\n this issue.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE11.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-12T11:18:46", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-08-18T00:00:00", "type": "openvas", "title": "SuSE Update for bind SUSE-SA:2011:029", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850168", "href": "http://plugins.openvas.org/nasl.php?oid=850168", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for bind SUSE-SA:2011:029\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A remote Denial of Service vulnerability has been fixed in the BIND\n DNS nameserver.\n\n Specially crafted packets could cause bind servers (recursive as well\n as authoritative) to exit. CVE-2011-2464\n\n This issue affected bind 9.6 and later, so SUSE Linux Enterprise\n 10 SP4, SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 and 11.4\n were affected.\n\n Older service packs / products are not affected by CVE-2011-2464.\n\n\n Please also note that the other currently published security issue,\n CVE-2011-2465, affected only BIND versions 9.8.0 and later, which none\n of our current products include, making all of them not affected by\n this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"bind on openSUSE 11.3, openSUSE 11.4\";\n\n\nif(description)\n{\n script_id(850168);\n script_version(\"$Revision: 8041 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 08:28:21 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2011-029\");\n script_cve_id(\"CVE-2011-2464\", \"CVE-2011-2465\");\n script_name(\"SuSE Update for bind SUSE-SA:2011:029\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.7.3P3~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.7.3P3~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:47", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-01.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-01 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0414", "CVE-2011-2464", "CVE-2010-3615", "CVE-2011-2465", "CVE-2010-3614", "CVE-2010-3613", "CVE-2011-4313", "CVE-2010-3762", "CVE-2011-1910"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071545", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_01.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71545\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\", \"CVE-2010-3762\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\", \"CVE-2011-4313\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:52 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-01 (bind)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in BIND, the worst of\n which allowing to cause remote Denial of Service.\");\n script_tag(name:\"solution\", value:\"All bind users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1'\n\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since December 22, 2011. It is likely that your system is\n already no longer affected by this issue.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-01\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=347621\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=356223\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=368863\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=374201\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=374623\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=390753\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-01.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.7.4_p1\"), vulnerable: make_list(\"lt 9.7.4_p1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:50:46", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-01.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-01 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0414", "CVE-2011-2464", "CVE-2010-3615", "CVE-2011-2465", "CVE-2010-3614", "CVE-2010-3613", "CVE-2011-4313", "CVE-2010-3762", "CVE-2011-1910"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71545", "href": "http://plugins.openvas.org/nasl.php?oid=71545", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in BIND, the worst of\n which allowing to cause remote Denial of Service.\";\ntag_solution = \"All bind users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1'\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since December 22, 2011. It is likely that your system is\n already\n no longer affected by this issue.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=347621\nhttp://bugs.gentoo.org/show_bug.cgi?id=356223\nhttp://bugs.gentoo.org/show_bug.cgi?id=368863\nhttp://bugs.gentoo.org/show_bug.cgi?id=374201\nhttp://bugs.gentoo.org/show_bug.cgi?id=374623\nhttp://bugs.gentoo.org/show_bug.cgi?id=390753\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-01.\";\n\n \n \nif(description)\n{\n script_id(71545);\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\", \"CVE-2010-3762\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\", \"CVE-2011-4313\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:52 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-01 (bind)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.7.4_p1\"), vulnerable: make_list(\"lt 9.7.4_p1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2012-8962", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1667", "CVE-2011-4313", "CVE-2011-1910"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864462", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864462", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2012-8962\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082308.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864462\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:37:40 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-1667\", \"CVE-2011-4313\", \"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-8962\");\n script_name(\"Fedora Update for bind FEDORA-2012-8962\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"bind on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.3~2.P1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2018-01-08T12:57:41", "description": "Check for the Version of bind", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2012-8962", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1667", "CVE-2011-4313", "CVE-2011-1910"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864462", "href": "http://plugins.openvas.org/nasl.php?oid=864462", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2012-8962\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 15\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082308.html\");\n script_id(864462);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:37:40 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-1667\", \"CVE-2011-4313\", \"CVE-2011-1910\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-8962\");\n script_name(\"Fedora Update for bind FEDORA-2012-8962\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.3~2.P1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-04-27T19:22:38", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310802336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802336\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5000\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5002\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.6\\.8\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\");\n script_tag(name:\"affected\", value:\"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\");\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Run Mac Updates and update the Security Update 2011-006\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n report = report_fixed_ver(installed_version:osVer, vulnerable_range:\"Equal to 10.6.8\");\n security_message(port:0, data:report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:19:54", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:802336", "href": "http://plugins.openvas.org/nasl.php?oid=802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su11-006.nasl 7029 2017-08-31 11:51:40Z teissa $\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Run Mac Updates and update the Security Update 2011-006\n For updates refer to http://support.apple.com/kb/HT1222\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\";\n\nif(description)\n{\n script_id(802336);\n script_version(\"$Revision: 7029 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-31 13:51:40 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5000\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5002\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n ## Check for the security update 2011.006\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-07-22T19:32:09", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bind-9.7.4-0.3.b1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-2464"], "modified": "2011-07-22T19:32:09", "id": "FEDORA:72E67110D35", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZRYTXNQO3XG3TKXIPQYOWNFOK4MJHIQ3/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-07-12T05:03:49", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: bind-9.8.0-7.P4.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2465"], "modified": "2011-07-12T05:03:49", "id": "FEDORA:38E9C10FD1C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FCEM7GDXTZWCR2V6GPYRBAPMYUI7Q7Q5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-11-25T23:23:58", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bind-9.7.4-2.P1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-2464", "CVE-2011-4313"], "modified": "2011-11-25T23:23:58", "id": "FEDORA:8968920FE6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JH6X7LWGGSQGEB3IOEBZHTKTHLN5EHBQ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-06-02T19:04:32", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: bind-9.8.0-5.P2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-06-02T19:04:32", "id": "FEDORA:97C87167A60", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CID7WCK27SCLYPYQRCEE52KZQCXNIBEE/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-06-11T04:31:03", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bind-9.7.4-0.2.b1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-06-11T04:31:03", "id": "FEDORA:6C2E6110DED", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B5Z5KQ3R73FS6UPRQUOFJI2MUBII4N2I/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-06-11T04:31:31", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: bind-9.7.3-2.P1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0213", "CVE-2011-1910"], "modified": "2011-06-11T04:31:31", "id": "FEDORA:3ECB211129F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZAWJIPPGRT47LTHMLDQAFHCHNCNDSHH4/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2011-11-25T23:25:02", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: bind-9.8.1-3.P1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-4313"], "modified": "2011-11-25T23:25:02", "id": "FEDORA:2377A21046", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/P27W4DTYRLES4P27X5BJD7BVY7QBUKIO/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2012-06-15T12:32:11", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: bind-9.8.3-2.P1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 8.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-4313", "CVE-2012-1667"], "modified": "2012-06-15T12:32:11", "id": "FEDORA:3181F210F7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2V23WGZCDMC7AS7LLDDWZZNBJBDTQD5I/", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:35:18", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.", "cvss3": {}, "published": "2011-08-15T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2011-224-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910", "CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2011-224-01.NASL", "href": "https://www.tenable.com/plugins/nessus/55834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2011-224-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55834);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\", \"CVE-2011-2464\");\n script_bugtraq_id(48007, 48566);\n script_xref(name:\"SSA\", value:\"2011-224-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2011-224-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.662839\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?09e49b17\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4_ESV_R5\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"bind\", pkgver:\"9.7.4\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.7.4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:39:36", "description": "This update provides bind 9.6ESVR4P1 which fixes a denial of service vulnerability that can be triggered by very large RRSIG RRsets in a negative response and crash named. (CVE-2011-1910)\n\nIt further provides a fix for a defect which may cause queries for .com names to fail with validation errors when DNSSEC records for the .com zone are initially inserted into the root zone.\n\nPlease refer to https://www.isc.org/software/bind/new-features/9.6 for more information on additional improvements and bug fixes.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : bind (ZYPP Patch Number 7551)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_BIND-7551.NASL", "href": "https://www.tenable.com/plugins/nessus/57160", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57160);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-1910\");\n\n script_name(english:\"SuSE 10 Security Update : bind (ZYPP Patch Number 7551)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides bind 9.6ESVR4P1 which fixes a denial of service\nvulnerability that can be triggered by very large RRSIG RRsets in a\nnegative response and crash named. (CVE-2011-1910)\n\nIt further provides a fix for a defect which may cause queries for\n.com names to fail with validation errors when DNSSEC records for the\n.com zone are initially inserted into the root zone.\n\nPlease refer to https://www.isc.org/software/bind/new-features/9.6 for\nmore information on additional improvements and bug fixes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1910.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7551.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"bind-libs-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"bind-utils-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-chrootenv-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-devel-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-doc-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-libs-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-utils-9.6ESVR4P1-0.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR4P1-0.12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:38", "description": "Update to 9.7.3-P1 which fixes CVE-2011-1910 :\n\n - large RRSIG RRsets and negative caching can crash named\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-12T00:00:00", "type": "nessus", "title": "Fedora 13 : bind-9.7.3-2.P1.fc13 (2011-7621)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2011-7621.NASL", "href": "https://www.tenable.com/plugins/nessus/55056", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-7621.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55056);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_xref(name:\"FEDORA\", value:\"2011-7621\");\n\n script_name(english:\"Fedora 13 : bind-9.7.3-2.P1.fc13 (2011-7621)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 9.7.3-P1 which fixes CVE-2011-1910 :\n\n - large RRSIG RRsets and negative caching can crash named\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=708301\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061405.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c40467d3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"bind-9.7.3-2.P1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:19", "description": "A vulnerability has been identified and fixed in ISC BIND :\n\nOff-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets (CVE-2011-1910).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue. For 2010.2 ISC BIND was upgraded to 9.7.3-P1 which is not vulnerable to this issue.", "cvss3": {}, "published": "2011-06-02T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : bind (MDVSA-2011:104)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:bind", "p-cpe:/a:mandriva:linux:bind-devel", "p-cpe:/a:mandriva:linux:bind-doc", "p-cpe:/a:mandriva:linux:bind-utils", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-104.NASL", "href": "https://www.tenable.com/plugins/nessus/54939", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:104. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54939);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"MDVSA\", value:\"2011:104\");\n\n script_name(english:\"Mandriva Linux Security Advisory : bind (MDVSA-2011:104)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been identified and fixed in ISC BIND :\n\nOff-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x\nbefore 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before\n9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n(assertion failure and daemon exit) via a negative response containing\nlarge RRSIG RRsets (CVE-2011-1910).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue. For\n2010.2 ISC BIND was upgraded to 9.7.3-P1 which is not vulnerable to\nthis issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-9.6.2-0.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-devel-9.6.2-0.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-doc-9.6.2-0.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-utils-9.6.2-0.3mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-9.7.3-0.0.P1.1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-devel-9.7.3-0.0.P1.1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-doc-9.7.3-0.0.P1.1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-utils-9.7.3-0.0.P1.1.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:48:24", "description": "From Red Hat Security Advisory 2011:0845 :\n\nUpdated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : bind (ELSA-2011-0845)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:bind97", "p-cpe:/a:oracle:linux:bind97-chroot", "p-cpe:/a:oracle:linux:bind97-devel", "p-cpe:/a:oracle:linux:bind97-libs", "p-cpe:/a:oracle:linux:bind97-utils", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-0845.NASL", "href": "https://www.tenable.com/plugins/nessus/68285", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0845 and \n# Oracle Linux Security Advisory ELSA-2011-0845 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68285);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"RHSA\", value:\"2011:0845\");\n\n script_name(english:\"Oracle Linux 5 / 6 : bind (ELSA-2011-0845)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0845 :\n\nUpdated bind and bind97 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative\nresponses with large resource record sets (RRSets). An attacker able\nto send recursive queries to a BIND server that is configured as a\ncaching resolver could use this flaw to cause named to exit with an\nassertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002159.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002169.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind97-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.2\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"bind-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-chroot-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-devel-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-libs-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-sdb-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-utils-9.7.3-2.el6_1.P1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:32:37", "description": "ISC reports :\n\nA BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash.", "cvss3": {}, "published": "2011-06-07T00:00:00", "type": "nessus", "title": "FreeBSD : BIND -- Large RRSIG RRsets and Negative Caching DoS (1e1421f0-8d6f-11e0-89b4-001ec9578670)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:bind9-sdb-ldap", "p-cpe:/a:freebsd:freebsd:bind9-sdb-postgresql", "p-cpe:/a:freebsd:freebsd:bind96", "p-cpe:/a:freebsd:freebsd:bind97", "p-cpe:/a:freebsd:freebsd:bind98", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1E1421F08D6F11E089B4001EC9578670.NASL", "href": "https://www.tenable.com/plugins/nessus/54982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54982);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"FreeBSD\", value:\"SA-11:02.bind\");\n\n script_name(english:\"FreeBSD : BIND -- Large RRSIG RRsets and Negative Caching DoS (1e1421f0-8d6f-11e0-89b4-001ec9578670)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nA BIND 9 DNS server set up to be a caching resolver is vulnerable to a\nuser querying a domain with very large resource record sets (RRSets)\nwhen trying to negatively cache a response. This can cause the BIND 9\nDNS server (named process) to crash.\"\n );\n # http://www.isc.org/software/bind/advisories/cve-2011-1910\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?773a5e8d\"\n );\n # https://vuxml.freebsd.org/freebsd/1e1421f0-8d6f-11e0-89b4-001ec9578670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86e01568\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-sdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind9-sdb-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind98\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind9-sdb-ldap<9.4.3.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind9-sdb-postgresql<9.4.3.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind96<9.6.3.1.ESV.R4.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind97<9.7.3.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind98<9.8.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:47:37", "description": "Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 5 : bind97 (CESA-2011:0845)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind97", "p-cpe:/a:centos:centos:bind97-chroot", "p-cpe:/a:centos:centos:bind97-devel", "p-cpe:/a:centos:centos:bind97-libs", "p-cpe:/a:centos:centos:bind97-utils", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0845.NASL", "href": "https://www.tenable.com/plugins/nessus/67084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0845 and \n# CentOS Errata and Security Advisory 2011:0845 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67084);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"RHSA\", value:\"2011:0845\");\n\n script_name(english:\"CentOS 5 : bind97 (CESA-2011:0845)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind and bind97 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative\nresponses with large resource record sets (RRSets). An attacker able\nto send recursive queries to a BIND server that is configured as a\ncaching resolver could use this flaw to cause named to exit with an\nassertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017599.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a0e367f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017600.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5163f387\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind97 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-devel / bind97-libs / bind97-utils\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:32:27", "description": "This update fixes CVE-2011-1910 :\n\n - large RRSIG RRsets and negative caching can crash named\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "nessus", "title": "Fedora 15 : bind-9.8.0-5.P2.fc15 (2011-7617)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-7617.NASL", "href": "https://www.tenable.com/plugins/nessus/54950", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-7617.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54950);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"FEDORA\", value:\"2011-7617\");\n\n script_name(english:\"Fedora 15 : bind-9.8.0-5.P2.fc15 (2011-7617)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2011-1910 :\n\n - large RRSIG RRsets and negative caching can crash named\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=708301\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061082.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db61b18c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"bind-9.8.0-5.P2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:31:15", "description": "Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2011-06-01T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : bind (RHSA-2011:0845)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-debuginfo", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind97", "p-cpe:/a:redhat:enterprise_linux:bind97-chroot", "p-cpe:/a:redhat:enterprise_linux:bind97-devel", "p-cpe:/a:redhat:enterprise_linux:bind97-libs", "p-cpe:/a:redhat:enterprise_linux:bind97-utils", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-0845.NASL", "href": "https://www.tenable.com/plugins/nessus/54933", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0845. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54933);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"RHSA\", value:\"2011:0845\");\n\n script_name(english:\"RHEL 5 / 6 : bind (RHSA-2011:0845)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind and bind97 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative\nresponses with large resource record sets (RRSets). An attacker able\nto send recursive queries to a BIND server that is configured as a\ncaching resolver could use this flaw to cause named to exit with an\nassertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1910\"\n );\n # http://www.isc.org/software/bind/advisories/cve-2011-1910\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?773a5e8d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0845\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0845\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-chroot-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-chroot-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-chroot-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-debuginfo-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-devel-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-libs-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-sdb-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-sdb-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-sdb-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-utils-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-utils-9.7.3-2.el6_1.P1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-utils-9.7.3-2.el6_1.P1.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:32:45", "description": "It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable. (CVE-2011-1910 )\n\nIn addition, this update fixes handling of certain signed/unsigned zone combinations when a DLV service is used. Previously, data from certain affected zones could become unavailable from the resolver.", "cvss3": {}, "published": "2011-06-10T00:00:00", "type": "nessus", "title": "Debian DSA-2244-1 : bind9 - incorrect boundary condition", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bind9", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2244.NASL", "href": "https://www.tenable.com/plugins/nessus/55032", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2244. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55032);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"DSA\", value:\"2244\");\n\n script_name(english:\"Debian DSA-2244-1 : bind9 - incorrect boundary condition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that BIND, an implementation of the DNS protocol,\ndoes not correctly process certain large RRSIG record sets in DNSSEC\nresponses. The resulting assertion failure causes the name server\nprocess to crash, making name resolution unavailable. (CVE-2011-1910 )\n\nIn addition, this update fixes handling of certain signed/unsigned\nzone combinations when a DLV service is used. Previously, data from\ncertain affected zones could become unavailable from the resolver.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/bind9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2244\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bind9 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny2.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"bind9\", reference:\"1:9.6.ESV.R4+dfsg-0+lenny2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-doc\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-host\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9utils\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"dnsutils\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"host\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind-dev\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind9-60\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libdns69\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisc62\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccc60\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccfg62\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"liblwres60\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lwresd\", reference:\"1:9.7.3.dfsg-1~squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:20", "description": "This update fixes CVE-2011-1910 :\n\n - large RRSIG RRsets and negative caching can crash named\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-12T00:00:00", "type": "nessus", "title": "Fedora 14 : bind-9.7.4-0.2.b1.fc14 (2011-7602)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-7602.NASL", "href": "https://www.tenable.com/plugins/nessus/55054", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-7602.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55054);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_xref(name:\"FEDORA\", value:\"2011-7602\");\n\n script_name(english:\"Fedora 14 : bind-9.7.4-0.2.b1.fc14 (2011-7602)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2011-1910 :\n\n - large RRSIG RRsets and negative caching can crash named\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=708301\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-June/061401.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?10ff32f5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bind-9.7.4-0.2.b1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:34:10", "description": "This update provides bind 9.7.3P1 which fixes a denial of service issue in RRsig RRSET handling. (CVE-2011-1910)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-SU-2011:0603-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-utils", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_BIND-110531.NASL", "href": "https://www.tenable.com/plugins/nessus/75439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-4633.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75439);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2011:0603-1)\");\n script_summary(english:\"Check for the bind-4633 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides bind 9.7.3P1 which fixes a denial of service\nissue in RRsig RRSET handling. (CVE-2011-1910)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=696585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-06/msg00014.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-chrootenv-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-devel-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-libs-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-utils-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.7.3P1-0.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:31:23", "description": "This update provides bind 9.7.3P1 which fixes a denial of service issue in RRsig RRSET handling. (CVE-2011-1910)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-SU-2011:0603-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-debuginfo", "p-cpe:/a:novell:opensuse:bind-debugsource", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-utils-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_BIND-110531.NASL", "href": "https://www.tenable.com/plugins/nessus/75793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-4634.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75793);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2011:0603-1)\");\n script_summary(english:\"Check for the bind-4634 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides bind 9.7.3P1 which fixes a denial of service\nissue in RRsig RRSET handling. (CVE-2011-1910)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=696585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-06/msg00014.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-chrootenv-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-debuginfo-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-debugsource-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-devel-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-libs-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-libs-debuginfo-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-utils-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-utils-debuginfo-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.7.3P1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.7.3P1-0.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:38:58", "description": "Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIND vulnerability (SOL12985)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-11T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL12985.NASL", "href": "https://www.tenable.com/plugins/nessus/78129", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL12985.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78129);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n\n script_name(english:\"F5 Networks BIG-IP : BIND vulnerability (SOL12985)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x\nbefore 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before\n9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n(assertion failure and daemon exit) via a negative response containing\nlarge RRSIG RRsets.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K12985\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL12985.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL12985\";\nvmatrix = make_array();\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.1.0-10.2.2\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"9.0.0-9.4.8\",\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"9.0.0-9.4.8\",\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"9.0.0-9.4.8\",\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"9.0.0-9.4.8\",\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"9.0.0-9.4.8\",\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"9.0.0-9.4.8\",\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.0.0-10.1.0\",\"10.2.0-10.2.2\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"10.2.2HF1\",\"10.2.3-10.2.4\",\"11\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:25:34", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.\n\nDependancies: bind-dyndb-ldap was required to be updated to 0.2.0-1.el6 due to dependencies.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : bind on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110531_BIND_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61055", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61055);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative\nresponses with large resource record sets (RRSets). An attacker able\nto send recursive queries to a BIND server that is configured as a\ncaching resolver could use this flaw to cause named to exit with an\nassertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\n\nDependancies: bind-dyndb-ldap was required to be updated to\n0.2.0-1.el6 due to dependencies.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=2244\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e05084a2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"bind-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-debuginfo-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-dyndb-ldap-0.2.0-1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.7.3-2.el6_1.P1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.7.3-2.el6_1.P1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:26:07", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : bind97 on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110531_BIND97_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61054", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61054);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n\n script_name(english:\"Scientific Linux Security Update : bind97 on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative\nresponses with large resource record sets (RRSets). An attacker able\nto send recursive queries to a BIND server that is configured as a\ncaching resolver could use this flaw to cause named to exit with an\nassertion failure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=1514\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54d2ee70\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind97-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-debuginfo-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:29:11", "description": "According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability. If BIND queries a domain with large RRSIG resource record sets it may trigger an assertion failure and cause the name server process to crash due to an off-by-one error in a buffer size check. \n\nNote that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually vulnerable.", "cvss3": {}, "published": "2011-05-31T00:00:00", "type": "nessus", "title": "ISC BIND 9 Large RRSIG RRsets Negative Caching Remote DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_980_P2.NASL", "href": "https://www.tenable.com/plugins/nessus/54923", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(54923);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"CERT\", value:\"795694\");\n script_xref(name:\"Secunia\", value:\"44719\");\n\n script_name(english:\"ISC BIND 9 Large RRSIG RRsets Negative Caching Remote DoS\");\n script_summary(english:\"Checks version of BIND\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote\ninstallation of BIND is potentially affected by a denial of service\nvulnerability. If BIND queries a domain with large RRSIG resource\nrecord sets it may trigger an assertion failure and cause the name\nserver process to crash due to an off-by-one error in a buffer size\ncheck. \n\nNote that Nessus has only relied on the version itself and has not\nattempted to determine whether or not the install is actually\nvulnerable.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f9dd6d57\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ba92a18e\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d9a0b3f1\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c270545b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.isc.org/software/bind/advisories/cve-2011-1910\");\n\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to BIND 9.4-ESV-R4-P1 / 9.6-ESV-R4-P1 / 9.7.3-P1 / 9.8.0-P2\nor later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2)\n exit(1, \"This plugin only runs if 'Report paranoia' is set to 'Paranoid'.\");\n\nver = get_kb_item_or_exit(\"bind/version\");\n\n# Check whether BIND is vulnerable, and recommend an upgrade.\nfix = NULL;\nif (ver =~ \"9\\.4-ESV-R(3|4$)\")\n fix = \"9.4-ESV-R4-P1\";\nelse if (ver =~ \"9\\.6-ESV-R([2-3]|4$)\")\n fix = \"9.6-ESV-R4-P1\";\nelse if (ver =~ \"9\\.6\\.3\")\n fix = \"9.6-ESV-R4-P1\";\nelse if (ver =~ \"9\\.7\\.([1-2]|3$)\")\n fix = \"9.7.3-P1\";\nelse if (ver =~ \"^9\\.8\\.0($|-P1)\")\n fix = \"9.8.0-P2\";\n\nif (isnull(fix))\n exit(0, \"BIND version \" + ver + \" is running on UDP port 53 and thus is not affected.\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:53, proto:\"udp\", extra:report);\n} else security_hole(port:53, proto:\"udp\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:28:36", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.", "cvss3": {}, "published": "2011-05-31T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2011-147-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2011-147-01.NASL", "href": "https://www.tenable.com/plugins/nessus/54906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2011-147-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54906);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1910\");\n script_bugtraq_id(48007);\n script_xref(name:\"SSA\", value:\"2011-147-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2011-147-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.685026\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3bf16181\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"bind\", pkgver:\"9.7.3_P1\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.3_P1\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.7.3_P1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.3_P1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:28:13", "description": "The remote host is running Bind, a popular name server. \n\nVersions of BIND 9.4 earlier than 9.4-ESV-R4-P1, 9.6 earlier than 9.6-ESV-R4-P1, 9.7 earlier than 9.7.3-P1, and 9.8 earlier than 9.8.0-P2 are potentially affected by a denial of service vulnerability. If BIND queries a domain with large RRSIG resource record sets it may trigger an assertion failure and cause the name server process to crash due to an off-by-one error in the buffer size check.", "cvss3": {}, "published": "2011-05-31T00:00:00", "type": "nessus", "title": "ISC BIND 9 Large RRSIG RRsets Negative Caching Remote DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*"], "id": "5933.PRM", "href": "https://www.tenable.com/plugins/nnm/5933", "sourceData": "Binary data 5933.prm", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:15", "description": "A remote Denial of Service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well as authoritative) to exit.", "cvss3": {}, "published": "2011-07-11T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : bind (SAT Patch Number 4846)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:bind", "p-cpe:/a:novell:suse_linux:11:bind-chrootenv", "p-cpe:/a:novell:suse_linux:11:bind-doc", "p-cpe:/a:novell:suse_linux:11:bind-libs", "p-cpe:/a:novell:suse_linux:11:bind-libs-32bit", "p-cpe:/a:novell:suse_linux:11:bind-utils", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_BIND-110706.NASL", "href": "https://www.tenable.com/plugins/nessus/55547", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55547);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2464\");\n\n script_name(english:\"SuSE 11.1 Security Update : bind (SAT Patch Number 4846)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remote Denial of Service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well\nas authoritative) to exit.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=703907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2464.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4846.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"bind-libs-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"bind-utils-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"bind-libs-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"bind-utils-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"bind-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"bind-chrootenv-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"bind-doc-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"bind-libs-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"bind-utils-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"bind-libs-32bit-9.6ESVR4P3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR4P3-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:49:40", "description": "From Red Hat Security Advisory 2011:0926 :\n\nUpdated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : bind (ELSA-2011-0926)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:bind97", "p-cpe:/a:oracle:linux:bind97-chroot", "p-cpe:/a:oracle:linux:bind97-devel", "p-cpe:/a:oracle:linux:bind97-libs", "p-cpe:/a:oracle:linux:bind97-utils", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-0926.NASL", "href": "https://www.tenable.com/plugins/nessus/68303", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0926 and \n# Oracle Linux Security Advisory ELSA-2011-0926 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68303);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"RHSA\", value:\"2011:0926\");\n\n script_name(english:\"Oracle Linux 5 / 6 : bind (ELSA-2011-0926)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0926 :\n\nUpdated bind and bind97 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A\nremote attacker could use this flaw to send a specially crafted DNS\nrequest packet to BIND, causing it to exit unexpectedly due to a\nfailed assertion. (CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\nEnterprise Linux 6, are advised to upgrade to these updated packages,\nwhich resolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-July/002222.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-July/002223.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind97-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.3\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"bind-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-chroot-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-devel-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-libs-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-sdb-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-utils-9.7.3-2.el6_1.P3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:20", "description": "Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : bind (RHSA-2011:0926)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-debuginfo", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind97", "p-cpe:/a:redhat:enterprise_linux:bind97-chroot", "p-cpe:/a:redhat:enterprise_linux:bind97-devel", "p-cpe:/a:redhat:enterprise_linux:bind97-libs", "p-cpe:/a:redhat:enterprise_linux:bind97-utils", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-0926.NASL", "href": "https://www.tenable.com/plugins/nessus/55539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0926. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55539);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"RHSA\", value:\"2011:0926\");\n\n script_name(english:\"RHEL 5 / 6 : bind (RHSA-2011:0926)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind and bind97 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A\nremote attacker could use this flaw to send a specially crafted DNS\nrequest packet to BIND, causing it to exit unexpectedly due to a\nfailed assertion. (CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\nEnterprise Linux 6, are advised to upgrade to these updated packages,\nwhich resolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2464\"\n );\n # http://www.isc.org/software/bind/advisories/cve-2011-2464\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5a526026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0926\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0926\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-chroot-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-chroot-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-chroot-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-debuginfo-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-devel-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-libs-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-sdb-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-sdb-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-sdb-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-utils-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-utils-9.7.3-2.el6_1.P3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-utils-9.7.3-2.el6_1.P3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:54", "description": "It was discovered that BIND, a DNS server, does not correctly process certain UPDATE requests, resulting in a server crash and a denial of service. This vulnerability affects BIND installations even if they do not actually use dynamic DNS updates.", "cvss3": {}, "published": "2011-07-06T00:00:00", "type": "nessus", "title": "Debian DSA-2272-1 : bind9 - denial of service", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bind9", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2272.NASL", "href": "https://www.tenable.com/plugins/nessus/55516", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2272. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55516);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_xref(name:\"DSA\", value:\"2272\");\n\n script_name(english:\"Debian DSA-2272-1 : bind9 - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that BIND, a DNS server, does not correctly process\ncertain UPDATE requests, resulting in a server crash and a denial of\nservice. This vulnerability affects BIND installations even if they do\nnot actually use dynamic DNS updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/bind9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2272\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bind9 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"bind9\", reference:\"1:9.6.ESV.R4+dfsg-0+lenny3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-doc\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-host\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9utils\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"dnsutils\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"host\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind-dev\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind9-60\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libdns69\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisc62\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccc60\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccfg62\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"liblwres60\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lwresd\", reference:\"1:9.7.3.dfsg-1~squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:27:28", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464)\n\nAfter installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110707_BIND_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61080);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2464\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A\nremote attacker could use this flaw to send a specially crafted DNS\nrequest packet to BIND, causing it to exit unexpectedly due to a\nfailed assertion. (CVE-2011-2464)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1107&L=scientific-linux-errata&T=0&P=781\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf016d97\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind97-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.3\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"bind-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.7.3-2.el6_1.P3.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.7.3-2.el6_1.P3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:39:32", "description": "A remote denial of service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well as authoritative) to exit.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : bind (ZYPP Patch Number 7614)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_BIND-7614.NASL", "href": "https://www.tenable.com/plugins/nessus/57161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57161);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2464\");\n\n script_name(english:\"SuSE 10 Security Update : bind (ZYPP Patch Number 7614)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remote denial of service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well\nas authoritative) to exit.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2464.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7614.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"bind-libs-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"bind-utils-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-chrootenv-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-devel-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-doc-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-libs-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"bind-utils-9.6ESVR4P3-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6ESVR4P3-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:06", "description": "ISC reports :\n\nA defect in the affected BIND 9 versions allows an attacker to remotely cause the 'named' process to exit using a specially crafted packet.\n\nThis defect affects both recursive and authoritative servers.", "cvss3": {}, "published": "2011-07-06T00:00:00", "type": "nessus", "title": "FreeBSD : BIND -- Remote DoS against authoritative and recursive servers (fd64188d-a71d-11e0-89b4-001ec9578670)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:bind96", "p-cpe:/a:freebsd:freebsd:bind97", "p-cpe:/a:freebsd:freebsd:bind98", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_FD64188DA71D11E089B4001EC9578670.NASL", "href": "https://www.tenable.com/plugins/nessus/55518", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55518);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2464\");\n\n script_name(english:\"FreeBSD : BIND -- Remote DoS against authoritative and recursive servers (fd64188d-a71d-11e0-89b4-001ec9578670)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nA defect in the affected BIND 9 versions allows an attacker to\nremotely cause the 'named' process to exit using a specially crafted\npacket.\n\nThis defect affects both recursive and authoritative servers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.isc.org/software/bind/advisories/cve-2011-2464\"\n );\n # https://vuxml.freebsd.org/freebsd/fd64188d-a71d-11e0-89b4-001ec9578670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?82473bdf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind98\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind96<9.6.3.1.ESV.R4.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind97<9.7.3.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind98<9.8.0.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:59", "description": "It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-07-06T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : bind9 vulnerability (USN-1163-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libdns36", "p-cpe:/a:canonical:ubuntu_linux:libdns64", "p-cpe:/a:canonical:ubuntu_linux:libdns66", "p-cpe:/a:canonical:ubuntu_linux:libdns69", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1163-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55522", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1163-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55522);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_xref(name:\"USN\", value:\"1163-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : bind9 vulnerability (USN-1163-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Bind incorrectly handled certain specially\ncrafted packets. A remote attacker could use this flaw to cause Bind\nto stop responding, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1163-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns66\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns69\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libdns36\", pkgver:\"1:9.4.2.dfsg.P2-2ubuntu0.8\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libdns64\", pkgver:\"1:9.7.0.dfsg.P1-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libdns66\", pkgver:\"1:9.7.1.dfsg.P2-2ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libdns69\", pkgver:\"1:9.7.3.dfsg-1ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libdns36 / libdns64 / libdns66 / libdns69\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:12", "description": "According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability. If an attacker sends a specially crafted request to a BIND server it may cause the name server process to crash. \n\nNote that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually vulnerable.", "cvss3": {}, "published": "2011-07-07T00:00:00", "type": "nessus", "title": "ISC BIND 9 Unspecified Packet Processing Remote DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2018-09-17T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_980_P4.NASL", "href": "https://www.tenable.com/plugins/nessus/55534", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55534);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/09/17 21:46:53\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"CERT\", value:\"142646\");\n script_xref(name:\"Secunia\", value:\"45185\");\n\n script_name(english:\"ISC BIND 9 Unspecified Packet Processing Remote DoS\");\n script_summary(english:\"Checks version of BIND.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server may be affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote\ninstallation of BIND is potentially affected by a denial of service\nvulnerability. If an attacker sends a specially crafted request to a\nBIND server it may cause the name server process to crash. \n\nNote that Nessus has only relied on the version itself and has not\nattempted to determine whether or not the install is actually\nvulnerable.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ae0ba8c4\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1bd57ee2\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76bd7779\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.isc.org/software/bind/advisories/cve-2011-2464\");\n\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to BIND 9.6-ESV-R4-P3 / 9.7.3-P3 / 9.8.0-P4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-2464\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"The issue causes ISC BIND to crash, which warrants an Availability impact score of Complete.\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/07\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2)\n exit(1, \"This plugin only runs if 'Report paranoia' is set to 'Paranoid'.\");\n\nver = get_kb_item_or_exit(\"bind/version\");\n\n# Check whether BIND is vulnerable, and recommend an upgrade.\nfix = NULL;\nif (ver =~ \"^9\\.5\\.3(b|rc)1($|[^0-9])\" || ver =~ \"^9\\.6(\\.3$|-ESV-R(4($|-P[12]($|[^0-9]))|3($|[^0-9])))\")\n fix = \"9.6-ESV-R4-P3\";\nelse if (ver =~ \"^9\\.7\\.([0-2]|3($|-P[12]($|[^0-9])))\" || ver == \"9.7.4b1\")\n fix = \"9.7.3-P3\";\nelse if (ver =~ \"^9\\.8\\.0($|-P[1-3]($|[^0-9]))\" || ver == \"9.8.1b1\")\n fix = \"9.8.0-P4\";\n\nif (isnull(fix))\n exit(0, \"BIND version \" + ver + \" is running on UDP port 53 and thus is not affected.\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:53, proto:\"udp\", extra:report);\n} else security_hole(port:53, proto:\"udp\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:22", "description": "A vulnerability was discovered and corrected in bind :\n\nUnspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request (CVE-2011-2464).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been upgraded to bind 9.7.3-P3 which is not vulnerable to this issue.", "cvss3": {}, "published": "2011-07-21T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : bind (MDVSA-2011:115)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:bind", "p-cpe:/a:mandriva:linux:bind-devel", "p-cpe:/a:mandriva:linux:bind-doc", "p-cpe:/a:mandriva:linux:bind-utils", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-115.NASL", "href": "https://www.tenable.com/plugins/nessus/55634", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:115. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55634);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"MDVSA\", value:\"2011:115\");\n\n script_name(english:\"Mandriva Linux Security Advisory : bind (MDVSA-2011:115)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and corrected in bind :\n\nUnspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3,\n9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote\nattackers to cause a denial of service (named daemon crash) via a\ncrafted UPDATE request (CVE-2011-2464).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been upgraded to bind 9.7.3-P3 which is not\nvulnerable to this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-9.7.3-0.0.P3.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-devel-9.7.3-0.0.P3.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-doc-9.7.3-0.0.P3.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-utils-9.7.3-0.0.P3.1.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-9.7.3-0.0.P3.1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-devel-9.7.3-0.0.P3.1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-doc-9.7.3-0.0.P3.1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-utils-9.7.3-0.0.P3.1.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:10", "description": "Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "nessus", "title": "CentOS 5 : bind97 (CESA-2011:0926)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind97", "p-cpe:/a:centos:centos:bind97-chroot", "p-cpe:/a:centos:centos:bind97-devel", "p-cpe:/a:centos:centos:bind97-libs", "p-cpe:/a:centos:centos:bind97-utils", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0926.NASL", "href": "https://www.tenable.com/plugins/nessus/55536", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0926 and \n# CentOS Errata and Security Advisory 2011:0926 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55536);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"RHSA\", value:\"2011:0926\");\n\n script_name(english:\"CentOS 5 : bind97 (CESA-2011:0926)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind and bind97 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A\nremote attacker could use this flaw to send a specially crafted DNS\nrequest packet to BIND, causing it to exit unexpectedly due to a\nfailed assertion. (CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\nEnterprise Linux 6, are advised to upgrade to these updated packages,\nwhich resolve this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-July/017643.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f9e9d2d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-July/017644.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d5777ab8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind97 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-chroot-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-devel-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-libs-9.7.0-6.P2.el5_6.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-utils-9.7.0-6.P2.el5_6.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-devel / bind97-libs / bind97-utils\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:06", "description": "New bind packages are available for Slackware 13.37, and -current to fix a security issue.", "cvss3": {}, "published": "2011-07-28T00:00:00", "type": "nessus", "title": "Slackware 13.37 / current : bind (SSA:2011-189-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.37"], "id": "SLACKWARE_SSA_2011-189-01.NASL", "href": "https://www.tenable.com/plugins/nessus/55704", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2011-189-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55704);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"SSA\", value:\"2011-189-01\");\n\n script_name(english:\"Slackware 13.37 / current : bind (SSA:2011-189-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 13.37, and -current to\nfix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.377171\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d696558\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.37\", pkgname:\"bind\", pkgver:\"9.7.3_P3\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.3_P3\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.7.3_P3\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.3_P3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:09", "description": "This update fixes CVE-2011-2464.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-07-25T00:00:00", "type": "nessus", "title": "Fedora 14 : bind-9.7.4-0.3.b1.fc14 (2011-9127)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-9127.NASL", "href": "https://www.tenable.com/plugins/nessus/55657", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9127.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55657);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n script_xref(name:\"FEDORA\", value:\"2011-9127\");\n\n script_name(english:\"Fedora 14 : bind-9.7.4-0.3.b1.fc14 (2011-9127)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2011-2464.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=718966\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?28aac3b4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bind-9.7.4-0.3.b1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:38:56", "description": "Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a Denial of Service (DoS) (named daemon crash) by way of a crafted UPDATE request.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIND vulnerability (SOL12986)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-11T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL12986.NASL", "href": "https://www.tenable.com/plugins/nessus/78130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL12986.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78130);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n\n script_name(english:\"F5 Networks BIG-IP : BIND vulnerability (SOL12986)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3,\n9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote\nattackers to cause a Denial of Service (DoS) (named daemon crash) by\nway of a crafted UPDATE request.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K12986\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL12986.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL12986\";\nvmatrix = make_array();\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"9\",\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"9\",\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"9\",\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"9\",\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"9\",\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"9\",\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.2.1HF2\",\"10.2.1HF3\",\"10.2.2\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"10.0.0-10.2.1\",\"10.2.1HF1\",\"10.2.2HF1\",\"10.2.3\",\"11\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:32:48", "description": "A remote Denial of Service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well as authoritative) to exit. CVE-2011-2464 has been assigned to this issue.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-debuginfo", "p-cpe:/a:novell:opensuse:bind-debugsource", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-utils-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_BIND-110706.NASL", "href": "https://www.tenable.com/plugins/nessus/75794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-4843.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75794);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)\");\n script_summary(english:\"Check for the bind-4843 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remote Denial of Service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well\nas authoritative) to exit. CVE-2011-2464 has been assigned to this\nissue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=703907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-07/msg00019.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-chrootenv-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-debuginfo-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-debugsource-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-devel-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-libs-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-libs-debuginfo-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-utils-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"bind-utils-debuginfo-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.7.3P3-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:31:57", "description": "A remote Denial of Service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well as authoritative) to exit. CVE-2011-2464 has been assigned to this issue.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-utils", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_BIND-110706.NASL", "href": "https://www.tenable.com/plugins/nessus/75440", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-4843.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75440);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2464\");\n script_bugtraq_id(48566);\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)\");\n script_summary(english:\"Check for the bind-4843 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remote Denial of Service vulnerability has been fixed in bind.\nSpecially crafted packets could cause bind servers (recursive as well\nas authoritative) to exit. CVE-2011-2464 has been assigned to this\nissue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=703907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-07/msg00019.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-chrootenv-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-devel-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-libs-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-utils-9.7.3P3-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.7.3P3-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:46", "description": "The remote host is running Bind, a popular name server. \n\nVersions of BIND 9.6 earlier than 9.6-ESV-R4-P3, 9.7 earlier than 9.7.3-P3, and 9.8 earlier than 9.8.0-P4 are potentially affected by a denial of service vulnerability. If an attacker sends a specially crafted request to a BIND server it may cause the name server process to crash.", "cvss3": {}, "published": "2011-07-07T00:00:00", "type": "nessus", "title": "ISC BIND 9 Unspecified Packet Processing Remote DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*"], "id": "5982.PRM", "href": "https://www.tenable.com/plugins/nnm/5982", "sourceData": "Binary data 5982.prm", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:04", "description": "It was discovered that Bind incorrectly handled certain bad signatures if multiple trust anchors existed for a single zone. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS. (CVE-2010-3762)\n\nFrank Kloeker and Michael Sinatra discovered that Bind incorrectly handled certain very large RRSIG RRsets included in negative responses. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. (CVE-2011-1910).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-06-13T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : bind9 vulnerabilities (USN-1139-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3762", "CVE-2011-1910"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libdns36", "p-cpe:/a:canonical:ubuntu_linux:libdns64", "p-cpe:/a:canonical:ubuntu_linux:libdns66", "p-cpe:/a:canonical:ubuntu_linux:libdns69", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1139-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55101", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1139-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55101);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-3762\", \"CVE-2011-1910\");\n script_bugtraq_id(45385, 48007);\n script_xref(name:\"USN\", value:\"1139-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : bind9 vulnerabilities (USN-1139-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Bind incorrectly handled certain bad signatures\nif multiple trust anchors existed for a single zone. A remote attacker\ncould use this flaw to cause Bind to stop responding, resulting in a\ndenial of service. This issue only affected Ubuntu 8.04 LTS and 10.04\nLTS. (CVE-2010-3762)\n\nFrank Kloeker and Michael Sinatra discovered that Bind incorrectly\nhandled certain very large RRSIG RRsets included in negative\nresponses. A remote attacker could use this flaw to cause Bind to stop\nresponding, resulting in a denial of service. (CVE-2011-1910).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1139-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns66\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns69\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libdns36\", pkgver:\"1:9.4.2.dfsg.P2-2ubuntu0.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libdns64\", pkgver:\"1:9.7.0.dfsg.P1-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libdns66\", pkgver:\"1:9.7.1.dfsg.P2-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libdns69\", pkgver:\"1:9.7.3.dfsg-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libdns36 / libdns64 / libdns66 / libdns69\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:34:01", "description": "Update to the 9.8.0-P4 security release.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-07-12T00:00:00", "type": "nessus", "title": "Fedora 15 : bind-9.8.0-7.P4.fc15 (2011-9146)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-9146.NASL", "href": "https://www.tenable.com/plugins/nessus/55562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9146.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55562);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2464\", \"CVE-2011-2465\");\n script_bugtraq_id(48565, 48566);\n script_xref(name:\"FEDORA\", value:\"2011-9146\");\n\n script_name(english:\"Fedora 15 : bind-9.8.0-7.P4.fc15 (2011-9146)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the 9.8.0-P4 security release.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=718966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=718971\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cfe01447\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"bind-9.8.0-7.P4.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:22:36", "description": "s700_800 11.23 BIND 9.2.0 Revision 5.0 : \n\nThe remote HP-UX host is affected by multiple vulnerabilities :\n\n - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS).\n (HPSBUX02729 SSRT100687)\n\n - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS).\n (HPSBUX02719 SSRT100658)", "cvss3": {}, "published": "2012-03-06T00:00:00", "type": "nessus", "title": "HP-UX PHNE_42727 : s700_800 11.23 BIND 9.2.0 Revision 5.0", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464", "CVE-2011-4313"], "modified": "2021-01-11T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHNE_42727.NASL", "href": "https://www.tenable.com/plugins/nessus/56840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_42727. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56840);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2464\", \"CVE-2011-4313\");\n script_bugtraq_id(48566, 50690);\n script_xref(name:\"HP\", value:\"emr_na-c03070783\");\n script_xref(name:\"HP\", value:\"emr_na-c03105548\");\n script_xref(name:\"HP\", value:\"HPSBUX02719\");\n script_xref(name:\"HP\", value:\"HPSBUX02729\");\n script_xref(name:\"HP\", value:\"SSRT100658\");\n script_xref(name:\"HP\", value:\"SSRT100687\");\n\n script_name(english:\"HP-UX PHNE_42727 : s700_800 11.23 BIND 9.2.0 Revision 5.0\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.23 BIND 9.2.0 Revision 5.0 : \n\nThe remote HP-UX host is affected by multiple vulnerabilities :\n\n - A potential security vulnerability has been identified\n with HP-UX running BIND. This vulnerability could be\n exploited remotely to create a Denial of Service (DoS).\n (HPSBUX02729 SSRT100687)\n\n - A potential security vulnerability has been identified\n with HP-UX running BIND. This vulnerability could be\n exploited remotely to create a Denial of Service (DoS).\n (HPSBUX02719 SSRT100658)\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03070783\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2bacaaaa\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03105548\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9dec5a6d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_42727 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2012/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.23\"))\n{\n exit(0, \"The host is not affected since PHNE_42727 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_42727\", \"PHNE_43096\", \"PHNE_43278\", \"PHNE_43369\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"InternetSrvcs.INET-ENG-A-MAN\", version:\"B.11.23\")) flag++;\nif (hpux_check_patch(app:\"InternetSrvcs.INET-JPN-E-MAN\", version:\"B.11.23\")) flag++;\nif (hpux_check_patch(app:\"InternetSrvcs.INET-JPN-S-MAN\", version:\"B.11.23\")) flag++;\nif (hpux_check_patch(app:\"InternetSrvcs.INETSVCS-INETD\", version:\"B.11.23\")) flag++;\nif (hpux_check_patch(app:\"InternetSrvcs.INETSVCS-RUN\", version:\"B.11.23\")) flag++;\nif (hpux_check_patch(app:\"InternetSrvcs.INETSVCS2-RUN\", version:\"B.11.23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:24:50", "description": "The remote host is affected by the vulnerability described in GLSA-201206-01 (BIND: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.\n Impact :\n\n The vulnerabilities allow remote attackers to cause a Denial of Service (daemon crash) via a DNS query, to bypass intended access restrictions, to incorrectly cache a ncache entry and a rrsig for the same type and to incorrectly mark zone data as insecure.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "nessus", "title": "GLSA-201206-01 : BIND: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615", "CVE-2010-3762", "CVE-2011-0414", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2465", "CVE-2011-4313"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:bind", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201206-01.NASL", "href": "https://www.tenable.com/plugins/nessus/59629", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201206-01.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59629);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\", \"CVE-2010-3762\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\", \"CVE-2011-4313\");\n script_xref(name:\"GLSA\", value:\"201206-01\");\n\n script_name(english:\"GLSA-201206-01 : BIND: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201206-01\n(BIND: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in BIND. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n The vulnerabilities allow remote attackers to cause a Denial of Service\n (daemon crash) via a DNS query, to bypass intended access restrictions,\n to incorrectly cache a ncache entry and a rrsig for the same type and to\n incorrectly mark zone data as insecure.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201206-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All bind users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1'\n NOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since December 22, 2011. It is likely that your system is\n already\n no longer affected by this issue.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-dns/bind\", unaffected:make_list(\"ge 9.7.4_p1\"), vulnerable:make_list(\"lt 9.7.4_p1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"BIND\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:36:42", "description": "The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreMedia\n - CoreProcesses\n - CoreStorage\n - File Systems\n - iChat Server\n - Kernel\n - libsecurity\n - Open Directory\n - PHP\n - python\n - QuickTime\n - SMB File Server\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2011-0185", "CVE-2011-0187", "CVE-2011-0226", "CVE-2011-0230", "CVE-2011-0260", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3212", "CVE-2011-3213", "CVE-2011-3215", "CVE-2011-3216", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3225", "CVE-2011-3226", "CVE-2011-3227", "CVE-2011-3228", "CVE-2011-3246", "CVE-2011-3435", "CVE-2011-3436", "CVE-2011-3437"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_7_2.NASL", "href": "https://www.tenable.com/plugins/nessus/56480", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56480);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2011-0185\",\n \"CVE-2011-0187\",\n \"CVE-2011-0226\",\n \"CVE-2011-0230\",\n \"CVE-2011-0260\",\n \"CVE-2011-1521\",\n \"CVE-2011-1755\",\n \"CVE-2011-1910\",\n \"CVE-2011-2464\",\n \"CVE-2011-2690\",\n \"CVE-2011-2691\",\n \"CVE-2011-2692\",\n \"CVE-2011-3192\",\n \"CVE-2011-3212\",\n \"CVE-2011-3213\",\n \"CVE-2011-3215\",\n \"CVE-2011-3216\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3225\",\n \"CVE-2011-3226\",\n \"CVE-2011-3227\",\n \"CVE-2011-3228\",\n \"CVE-2011-3246\",\n \"CVE-2011-3435\",\n \"CVE-2011-3436\",\n \"CVE-2011-3437\"\n );\n script_bugtraq_id(\n 40370,\n 40863,\n 48007,\n 48250,\n 48566,\n 48618,\n 48619,\n 48660,\n 49303,\n 50085,\n 50092,\n 50100,\n 50101,\n 50109,\n 50112,\n 50113,\n 50114,\n 50115,\n 50116,\n 50120,\n 50121,\n 50127,\n 50129,\n 50130,\n 50131,\n 50144,\n 50146,\n 50153 \n );\n\n script_name(english:\"Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.7.x that is prior\nto 10.7.2. This version contains numerous security-related fixes for\nthe following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreMedia\n - CoreProcesses\n - CoreStorage\n - File Systems\n - iChat Server\n - Kernel\n - libsecurity\n - Open Directory\n - PHP\n - python\n - QuickTime\n - SMB File Server\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Oct/msg00003.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Mac OS X 10.7.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n if (isnull(os)) exit(0, \"The 'Host/OS' KB item is missing.\");\n if (\"Mac OS X\" >!< os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.7($|\\.[0-1]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:36:24", "description": "Versions of Mac OS X 10.7 earlier than 10.7.2 are potentially affected by a security issue. Mac OS X 10.7.2 contains a security fix for the following products : \n\n - Apache\n\n - Application Firewall\n\n - ATS\n\n - BIND\n\n - Certificate Trust Policy\n\n - CFNetwork\n\n - CoreMedia\n\n - CoreProcesses\n\n - CoreStorage\n\n - File Systems\n\n - iChat Server\n\n - Kernel\n\n - libsecurity\n\n - Open Directory\n\n - PHP\n\n - python\n\n - QuickTime\n\n - SMB File Server\n\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X 10.7 < 10.7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2011-0185", "CVE-2011-0187", "CVE-2011-0226", "CVE-2011-0230", "CVE-2011-0260", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3212", "CVE-2011-3213", "CVE-2011-3215", "CVE-2011-3216", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3225", "CVE-2011-3226", "CVE-2011-3227", "CVE-2011-3228", "CVE-2011-3246", "CVE-2011-3435", "CVE-2011-3436", "CVE-2011-3437"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "6039.PRM", "href": "https://www.tenable.com/plugins/nnm/6039", "sourceData": "Binary data 6039.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:23:59", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Fix CVE-2017-3136 (ISC change 4575)\n\n - Fix CVE-2017-3137 (ISC change 4578)\n\n - Fix and test caching CNAME before DNAME (ISC change 4558)\n\n - Fix CVE-2016-9147 (ISC change 4510)\n\n - Fix regression introduced by CVE-2016-8864 (ISC change 4530)\n\n - Restore SELinux contexts before named restart\n\n - Use /lib or /lib64 only if directory in chroot already exists\n\n - Tighten NSS library pattern, escape chroot mount path\n\n - Fix (CVE-2016-8864)\n\n - Do not change lib permissions in chroot (#1321239)\n\n - Support WKS records in chroot (#1297562)\n\n - Do not include patch backup in docs (fixes #1325081 patch)\n\n - Backported relevant parts of [RT #39567] (#1259923)\n\n - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283)\n\n - Fix multiple realms in nsupdate script like upstream (#1313286)\n\n - Fix multiple realm in nsupdate script (#1313286)\n\n - Use resolver-query-timeout high enough to recover all forwarders (#1325081)\n\n - Fix (CVE-2016-2848)\n\n - Fix infinite loop in start_lookup (#1306504)\n\n - Fix (CVE-2016-2776)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2017-04-21T00:00:00", "type": "nessus", "title": "OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-4095", "CVE-2007-2241", "CVE-2007-2925", "CVE-2007-2926", "CVE-2007-6283", "CVE-2008-0122", "CVE-2008-1447", "CVE-2009-0025", "CVE-2009-0696", "CVE-2010-0097", "CVE-2010-0290", "CVE-2011-0414", "CVE-2011-1910", "CVE-2011-2464", "CVE-2012-1033", "CVE-2012-1667", "CVE-2012-3817", "CVE-2012-4244", "CVE-2012-5166", "CVE-2012-5688", "CVE-2012-5689", "CVE-2013-2266", "CVE-2013-4854", "CVE-2014-0591", "CVE-2014-8500", "CVE-2015-1349", "CVE-2015-4620", "CVE-2015-5477", "CVE-2015-5722", "CVE-2015-8000", "CVE-2015-8704", "CVE-2016-1285", "CVE-2016-1286", "CVE-2016-2776", "CVE-2016-2848", "CVE-2016-8864", "CVE-2016-9147", "CVE-2017-3136", "CVE-2017-3137"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:bind-libs", "p-cpe:/a:oracle:vm:bind-utils", "cpe:/o:oracle:vm_server:3.3", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2017-0066.NASL", "href": "https://www.tenable.com/plugins/nessus/99569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0066.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99569);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-4095\", \"CVE-2007-2241\", \"CVE-2007-2925\", \"CVE-2007-2926\", \"CVE-2007-6283\", \"CVE-2008-0122\", \"CVE-2008-1447\", \"CVE-2009-0025\", \"CVE-2009-0696\", \"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2012-1033\", \"CVE-2012-1667\", \"CVE-2012-3817\", \"CVE-2012-4244\", \"CVE-2012-5166\", \"CVE-2012-5688\", \"CVE-2012-5689\", \"CVE-2013-2266\", \"CVE-2013-4854\", \"CVE-2014-0591\", \"CVE-2014-8500\", \"CVE-2015-1349\", \"CVE-2015-4620\", \"CVE-2015-5477\", \"CVE-2015-5722\", \"CVE-2015-8000\", \"CVE-2015-8704\", \"CVE-2016-1285\", \"CVE-2016-1286\", \"CVE-2016-2776\", \"CVE-2016-2848\", \"CVE-2016-8864\", \"CVE-2016-9147\", \"CVE-2017-3136\", \"CVE-2017-3137\");\n script_bugtraq_id(19859, 25037, 27283, 30131, 33151, 35848, 37118, 37865, 46491, 48007, 48566, 51898, 53772, 54658, 55522, 55852, 56817, 57556, 58736, 61479, 64801, 71590, 72673, 75588);\n script_xref(name:\"IAVA\", value:\"2008-A-0045\");\n script_xref(name:\"IAVA\", value:\"2017-A-0004\");\n\n script_name(english:\"OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix CVE-2017-3136 (ISC change 4575)\n\n - Fix CVE-2017-3137 (ISC change 4578)\n\n - Fix and test caching CNAME before DNAME (ISC change\n 4558)\n\n - Fix CVE-2016-9147 (ISC change 4510)\n\n - Fix regression introduced by CVE-2016-8864 (ISC change\n 4530)\n\n - Restore SELinux contexts before named restart\n\n - Use /lib or /lib64 only if directory in chroot already\n exists\n\n - Tighten NSS library pattern, escape chroot mount path\n\n - Fix (CVE-2016-8864)\n\n - Do not change lib permissions in chroot (#1321239)\n\n - Support WKS records in chroot (#1297562)\n\n - Do not include patch backup in docs (fixes #1325081\n patch)\n\n - Backported relevant parts of [RT #39567] (#1259923)\n\n - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283)\n\n - Fix multiple realms in nsupdate script like upstream\n (#1313286)\n\n - Fix multiple realm in nsupdate script (#1313286)\n\n - Use resolver-query-timeout high enough to recover all\n forwarders (#1325081)\n\n - Fix (CVE-2016-2848)\n\n - Fix infinite loop in start_lookup (#1306504)\n\n - Fix (CVE-2016-2776)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-April/000681.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd826bc7\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-April/000680.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?67f77036\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind-libs / bind-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(16, 189, 200, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"(3\\.3|3\\.4)\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3 / 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-libs-9.8.2-0.62.rc1.el6_9.1\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-utils-9.8.2-0.62.rc1.el6_9.1\")) flag++;\n\nif (rpm_check(release:\"OVS3.4\", reference:\"bind-libs-9.8.2-0.62.rc1.el6_9.1\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"bind-utils-9.8.2-0.62.rc1.el6_9.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind-libs / bind-utils\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:15:09", "description": "The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-06-05T00:00:00", "type": "nessus", "title": "OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-4095", "CVE-2007-2241", "CVE-2007-2925", "CVE-2007-2926", "CVE-2007-6283", "CVE-2008-0122", "CVE-2008-1447", "CVE-2009-0025", "CVE-2009-0696", "CVE-2010-0097", "CVE-2010-0290", "CVE-2011-0414", "CVE-2011-1910", "CVE-2011-2464", "CVE-2012-1033", "CVE-2012-1667", "CVE-2012-3817", "CVE-2012-4244", "CVE-2012-5166", "CVE-2012-5688", "CVE-2012-5689", "CVE-2013-2266", "CVE-2013-4854", "CVE-2014-0591", "CVE-2014-8500", "CVE-2015-1349", "CVE-2015-4620", "CVE-2015-5477", "CVE-2015-5722", "CVE-2015-8000", "CVE-2015-8704", "CVE-2016-1285", "CVE-2016-1286", "CVE-2016-2776", "CVE-2016-2848", "CVE-2016-8864", "CVE-2016-9147", "CVE-2017-3136", "CVE-2017-3137", "CVE-2017-3142", "CVE-2017-3143", "CVE-2017-3145", "CVE-2018-5740", "CVE-2018-5743", "CVE-2020-8616", "CVE-2020-8617"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:bind-libs", "p-cpe:/a:oracle:vm:bind-utils", "cpe:/o:oracle:vm_server:3.3", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2020-0021.NASL", "href": "https://www.tenable.com/plugins/nessus/137170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2020-0021.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137170);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2006-4095\", \"CVE-2007-2241\", \"CVE-2007-2925\", \"CVE-2007-2926\", \"CVE-2007-6283\", \"CVE-2008-0122\", \"CVE-2008-1447\", \"CVE-2009-0025\", \"CVE-2009-0696\", \"CVE-2010-0097\", \"CVE-2010-0290\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2012-1033\", \"CVE-2012-1667\", \"CVE-2012-3817\", \"CVE-2012-4244\", \"CVE-2012-5166\", \"CVE-2012-5688\", \"CVE-2012-5689\", \"CVE-2013-2266\", \"CVE-2013-4854\", \"CVE-2014-0591\", \"CVE-2014-8500\", \"CVE-2015-1349\", \"CVE-2015-4620\", \"CVE-2015-5477\", \"CVE-2015-5722\", \"CVE-2015-8000\", \"CVE-2015-8704\", \"CVE-2016-1285\", \"CVE-2016-1286\", \"CVE-2016-2776\", \"CVE-2016-2848\", \"CVE-2016-8864\", \"CVE-2016-9147\", \"CVE-2017-3136\", \"CVE-2017-3137\", \"CVE-2017-3142\", \"CVE-2017-3143\", \"CVE-2017-3145\", \"CVE-2018-5740\", \"CVE-2018-5743\", \"CVE-2020-8616\", \"CVE-2020-8617\");\n script_bugtraq_id(19859, 25037, 27283, 30131, 33151, 35848, 37118, 37865, 46491, 48007, 48566, 51898, 53772, 54658, 55522, 55852, 56817, 57556, 58736, 61479, 64801, 71590, 72673, 75588);\n\n script_name(english:\"OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates : please see Oracle VM Security Advisory\nOVMSA-2020-0021 for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2020-June/000984.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2020-June/000981.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2020-June/000982.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected bind-libs / bind-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-0122\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(16, 189, 200, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"(3\\.3|3\\.4)\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3 / 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-libs-9.8.2-0.68.rc1.el6_10.7\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"bind-utils-9.8.2-0.68.rc1.el6_10.7\")) flag++;\n\nif (rpm_check(release:\"OVS3.4\", reference:\"bind-libs-9.8.2-0.68.rc1.el6_10.7\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"bind-utils-9.8.2-0.68.rc1.el6_10.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind-libs / bind-utils\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:46:06", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bind packages installed that are affected by multiple vulnerabilities:\n\n - In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.\n (CVE-2020-8622)\n\n - In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with\n --enable-native-pkcs11 * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker (CVE-2020-8623)\n\n - In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. (CVE-2020-8624)\n\n - BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.\n (CVE-2006-4095)\n\n - Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. (CVE-2007-2241)\n\n - The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache. (CVE-2007-2925)\n\n - ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning. (CVE-2007-2926)\n\n - Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named. (CVE-2007-6283)\n\n - Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.\n (CVE-2008-0122)\n\n - The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka DNS Insufficient Socket Entropy Vulnerability or the Kaminsky bug.\n (CVE-2008-1447)\n\n - BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. (CVE-2009-0025)\n\n - The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. (CVE-2009-0696)\n\n - BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers. (CVE-2010-0213)\n\n - ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.\n (CVE-2011-1907)\n\n - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. (CVE-2011-1910)\n\n - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. (CVE-2011-4313)\n\n - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. (CVE-2012-1667)\n\n - libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. (CVE-2013-2266)\n\n - resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone. (CVE-2013-3919)\n\n - The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. (CVE-2013-4854)\n\n - The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature. (CVE-2014-0591)\n\n - A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.\n (CVE-2019-6471)\n\n - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. (CVE-2020-8616)\n\n - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results. (CVE-2020-8617)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2021-0017)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-4095", "CVE-2007-2241", "CVE-2007-2925", "CVE-2007-2926", "CVE-2007-6283", "CVE-2008-0122", "CVE-2008-1447", "CVE-2008-5077", "CVE-2009-0025", "CVE-2009-0696", "CVE-2010-0213", "CVE-2011-1907", "CVE-2011-1910", "CVE-2011-4313", "CVE-2012-1667", "CVE-2013-2266", "CVE-2013-3919", "CVE-2013-4854", "CVE-2014-0591", "CVE-2019-6471", "CVE-2020-8616", "CVE-2020-8617", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624"], "modified": "2022-05-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0017_BIND.NASL", "href": "https://www.tenable.com/plugins/nessus/147379", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0017. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147379);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2006-4095\",\n \"CVE-2007-2241\",\n \"CVE-2007-2925\",\n \"CVE-2007-2926\",\n \"CVE-2007-6283\",\n \"CVE-2008-0122\",\n \"CVE-2008-1447\",\n \"CVE-2009-0025\",\n \"CVE-2009-0696\",\n \"CVE-2010-0213\",\n \"CVE-2011-1907\",\n \"CVE-2011-1910\",\n \"CVE-2011-4313\",\n \"CVE-2012-1667\",\n \"CVE-2013-2266\",\n \"CVE-2013-3919\",\n \"CVE-2013-4854\",\n \"CVE-2014-0591\",\n \"CVE-2019-6471\",\n \"CVE-2020-8616\",\n \"CVE-2020-8617\",\n \"CVE-2020-8622\",\n \"CVE-2020-8623\",\n \"CVE-2020-8624\"\n );\n script_bugtraq_id(\n 19859,\n 23738,\n 25037,\n 25076,\n 27283,\n 30131,\n 33151,\n 35848,\n 41730,\n 47734,\n 48007,\n 50690,\n 53772,\n 58736,\n 60338,\n 61479,\n 64801,\n 81519,\n 108854\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2021-0017)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bind packages installed that are affected by\nmultiple vulnerabilities:\n\n - In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the\n BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating\n the server receiving the TSIG-signed request, could send a truncated response to that request, triggering\n an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to\n correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and\n message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.\n (CVE-2020-8622)\n\n - In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the\n BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted\n query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with\n --enable-native-pkcs11 * be signing one or more zones with an RSA key * be able to receive queries from\n a possible attacker (CVE-2020-8623)\n\n - In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also\n affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An\n attacker who has been granted privileges to change a specific subset of the zone's content could abuse\n these unintended additional privileges to update other contents of the zone. (CVE-2020-8624)\n\n - BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service\n (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.\n (CVE-2006-4095)\n\n - Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is\n enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries\n processed by the query_addsoa function. (CVE-2007-2241)\n\n - The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set\n the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries\n and query the cache. (CVE-2007-2925)\n\n - ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when\n answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for\n remote attackers to guess the next query id and perform DNS cache poisoning. (CVE-2007-2926)\n\n - Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions,\n which allows local users to perform unauthorized named commands, such as causing a denial of service by\n stopping named. (CVE-2007-6283)\n\n - Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in\n FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service\n (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.\n (CVE-2008-0122)\n\n - The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2)\n Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations\n allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to\n conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction\n IDs and source ports, aka DNS Insufficient Socket Entropy Vulnerability or the Kaminsky bug.\n (CVE-2008-1447)\n\n - BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL\n DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a\n malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. (CVE-2009-0025)\n\n - The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3,\n and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of\n service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted\n dynamic update message, as exploited in the wild in July 2009. (CVE-2009-0696)\n\n - BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured\n statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service\n (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to\n repeatedly send RRSIG queries to the authoritative servers. (CVE-2010-0213)\n\n - ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows\n remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.\n (CVE-2011-1907)\n\n - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before\n 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service\n (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. (CVE-2011-1910)\n\n - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0\n through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial\n of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error\n logging, and the caching of an invalid record by the resolver. (CVE-2011-4313)\n\n - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before\n 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows\n remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive\n information from process memory via a crafted record. (CVE-2012-1667)\n\n - libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3\n before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption)\n via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running\n a named process. (CVE-2013-2266)\n\n - resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1,\n when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion\n failure and named daemon exit) via a query for a record in a malformed zone. (CVE-2013-3919)\n\n - The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before\n 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers\n to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA\n section that is not properly handled during construction of a log message, as exploited in the wild in\n July 2013. (CVE-2013-4854)\n\n - The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and\n 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of\n service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver\n that uses the NSEC3 signing feature. (CVE-2014-0591)\n\n - A race condition which may occur when discarding malformed packets can result in BIND exiting due to a\n REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1,\n 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND\n 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.\n (CVE-2019-6471)\n\n - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches\n performed when processing referrals can, through the use of specially crafted referrals, cause a recursing\n server to issue a very large number of fetches in an attempt to process the referral. This has at least\n two potential effects: The performance of the recursing server can potentially be degraded by the\n additional work required to perform these fetches, and The attacker can exploit this behavior to use the\n recursing server as a reflector in a reflection attack with a high amplification factor. (CVE-2020-8616)\n\n - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an\n inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the\n server. Since BIND, by default, configures a local session key even on servers whose configuration does\n not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating\n from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately\n exits. Prior to the introduction of the check the server would continue operating in an inconsistent\n state, with potentially harmful results. (CVE-2020-8617)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0017\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL bind packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-0122\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2008-1447\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'bind-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-chroot-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-debuginfo-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-export-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-export-libs-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-libs-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-libs-lite-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-license-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-lite-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-libs-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-utils-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-sdb-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-sdb-chroot-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-utils-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173'\n ],\n 'CGSL MAIN 5.04': [\n 'bind-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-chroot-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-debuginfo-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-export-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-export-libs-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-libs-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-libs-lite-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-license-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-lite-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-devel-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-libs-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-pkcs11-utils-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-sdb-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-sdb-chroot-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173',\n 'bind-utils-9.11.4-26.P2.el7_9.2.cgslv5.0.1.gd99f173'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind');\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:37:08", "description": "The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2011-006)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4022", "CVE-2010-0097", "CVE-2010-1157", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-2227", "CVE-2010-3436", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3718", "CVE-2010-4172", "CVE-2010-4645", "CVE-2011-0013", "CVE-2011-0185", "CVE-2011-0224", "CVE-2011-0229", "CVE-2011-0230", "CVE-2011-0231", "CVE-2011-0249", "CVE-2011-0250", "CVE-2011-0251", "CVE-2011-0252", "CVE-2011-0259", "CVE-2011-0411", "CVE-2011-0419", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0534", "CVE-2011-0707", "CVE-2011-0708", "CVE-2011-1092", "CVE-2011-1153", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3213", "CVE-2011-3214", "CVE-2011-3217", "CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3224", "CVE-2011-3228"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2011-006.NASL", "href": "https://www.tenable.com/plugins/nessus/56481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56481);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-4022\",\n \"CVE-2010-0097\",\n \"CVE-2010-1157\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2010-2227\",\n \"CVE-2010-3436\",\n \"CVE-2010-3613\",\n \"CVE-2010-3614\",\n \"CVE-2010-3718\",\n \"CVE-2010-4172\",\n \"CVE-2010-4645\",\n \"CVE-2011-0013\",\n \"CVE-2011-0185\",\n \"CVE-2011-0224\",\n \"CVE-2011-0229\",\n \"CVE-2011-0230\",\n \"CVE-2011-0231\",\n \"CVE-2011-0249\",\n \"CVE-2011-0250\",\n \"CVE-2011-0251\",\n \"CVE-2011-0252\",\n \"CVE-2011-0259\",\n \"CVE-2011-0411\",\n \"CVE-2011-0419\",\n \"CVE-2011-0420\",\n \"CVE-2011-0421\",\n \"CVE-2011-0534\",\n \"CVE-2011-0707\",\n \"CVE-2011-0708\",\n \"CVE-2011-1092\",\n \"CVE-2011-1153\",\n \"CVE-2011-1466\",\n \"CVE-2011-1467\",\n \"CVE-2011-1468\",\n \"CVE-2011-1469\",\n \"CVE-2011-1470\",\n \"CVE-2011-1471\",\n \"CVE-2011-1521\",\n \"CVE-2011-1755\",\n \"CVE-2011-1910\",\n \"CVE-2011-2464\",\n \"CVE-2011-2690\",\n \"CVE-2011-2691\",\n \"CVE-2011-2692\",\n \"CVE-2011-3192\",\n \"CVE-2011-3213\",\n \"CVE-2011-3214\",\n \"CVE-2011-3217\",\n \"CVE-2011-3218\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3224\",\n \"CVE-2011-3228\"\n );\n script_bugtraq_id(\n 37118,\n 37865,\n 39635,\n 40370,\n 40863,\n 41544,\n 44723,\n 45015,\n 45133,\n 45137,\n 45668,\n 46164,\n 46174,\n 46177,\n 46354,\n 46365,\n 46429,\n 46464,\n 46767,\n 46786,\n 46854,\n 46967,\n 46968,\n 46969,\n 46970,\n 46975,\n 46977,\n 48007,\n 48250,\n 48566,\n 48618,\n 48660,\n 49303,\n 50085,\n 50091,\n 50092,\n 50095,\n 50098,\n 50100,\n 50101,\n 50111,\n 50116,\n 50117,\n 50122,\n 50127,\n 50130,\n 50131,\n 50150 \n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2011-006)\");\n script_summary(english:\"Check for the presence of Security Update 2011-006\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6 that does not\nhave Security Update 2011-006 applied. This update contains numerous\nsecurity-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-295/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Oct/msg00003.html\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2011-006 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6([^0-9]|$)\", string:os)) \n{\n packages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2011\\.00[6-9]|201[2-9]\\.[0-9]+)(\\.snowleopard[0-9.]*)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2011-006 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running \"+os+\" and therefore is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:52", "description": "[32:9.7.3-2.3.P3]\n- fix DOS against recursive servers (#754398)\n[32:9.7.3-2.2.P3]\n- update to 9.7.3-P3 (CVE-2011-2464)\n[32:9.7.3-2.1.P1]\n- update to 9.7.3-P1 (CVE-2011-1910)", "cvss3": {}, "published": "2011-11-17T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-4313", "CVE-2011-1910"], "modified": "2011-11-17T00:00:00", "id": "ELSA-2011-1458", "href": "http://linux.oracle.com/errata/ELSA-2011-1458.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:20", "description": "[32:9.7.3-2.1.P1]\r\n- update to 9.7.3-P1 (CVE-2011-1910)", "cvss3": {}, "published": "2011-05-31T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-31T00:00:00", "id": "ELSA-2011-0845", "href": "http://linux.oracle.com/errata/ELSA-2011-0845.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:26", "description": "[32:9.7.3-2.2.P3]\r\n- update to 9.7.3-P3 (CVE-2011-2464)", "cvss3": {}, "published": "2011-07-07T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-07T00:00:00", "id": "ELSA-2011-0926", "href": "http://linux.oracle.com/errata/ELSA-2011-0926.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2023-01-01T04:47:27", "description": "**CentOS Errata and Security Advisory** CESA-2011:0845\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses\nwith large resource record sets (RRSets). An attacker able to send\nrecursive queries to a BIND server that is configured as a caching\nresolver could use this flaw to cause named to exit with an assertion\nfailure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067074.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-May/067075.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2011:0845", "cvss3": {}, "published": "2011-05-31T17:03:46", "type": "centos", "title": "bind97 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-31T17:03:46", "id": "CESA-2011:0845", "href": "https://lists.centos.org/pipermail/centos-announce/2011-May/067074.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-01T04:47:19", "description": "**CentOS Errata and Security Advisory** CESA-2011:0926\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A\nremote attacker could use this flaw to send a specially-crafted DNS request\npacket to BIND, causing it to exit unexpectedly due to a failed assertion.\n(CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\nEnterprise Linux 6, are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2011-July/067118.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-July/067119.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2011:0926", "cvss3": {}, "published": "2011-07-07T22:46:35", "type": "centos", "title": "bind97 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-07T22:46:36", "id": "CESA-2011:0926", "href": "https://lists.centos.org/pipermail/centos-announce/2011-July/067118.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd_advisory": [{"lastseen": "2023-01-09T15:24:41", "description": "\\-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:02.bind Security Advisory The FreeBSD Project Topic: BIND remote DoS with large RRSIG RRsets and negative caching Category: contrib Module: bind Announced: 2011-05-28 Credits: Frank Kloeker, Michael Sinatra. Affects: All supported versions of FreeBSD. Corrected: 2011-05-28 00:58:19 UTC (RELENG_7, 7.4-STABLE) 2011-05-28 08:44:39 UTC (RELENG_7_3, 7.3-RELEASE-p6) 2011-05-28 08:44:39 UTC (RELENG_7_4, 7.4-RELEASE-p2) 2011-05-28 00:33:06 UTC (RELENG_8, 8.2-STABLE) 2011-05-28 08:44:39 UTC (RELENG_8_1, 8.1-RELEASE-p4) 2011-05-28 08:44:39 UTC (RELENG_8_2, 8.2-RELEASE-p2) CVE Name: CVE-2011-1910 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server. DNS Security Extensions (DNSSEC) provides data integrity, origin authentication and authenticated denial of existence to resolvers. II. Problem Description Very large RRSIG RRsets included in a negative response can trigger an assertion failure that will crash named(8) due to an off-by-one error in a buffer size check. III. Impact If named(8) is being used as a recursive resolver, an attacker who controls a DNS zone being resolved can cause named(8) to crash, resulting in a denial of (DNS resolving) service. DNSSEC does not need to be enabled on the resolver for it to be vulnerable. IV. Workaround No workaround is available, but systems not running the BIND DNS server or using it exclusively as an authoritative name server (i.e., not as a caching resolver) are not vulnerable. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to the RELENG_8_2, RELENG_8_1, RELENG_7_4, or RELENG_7_3 security branch dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to FreeBSD 7.3, 7.4, 8.1 and 8.2 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-11:02/bind.patch # fetch http://security.FreeBSD.org/patches/SA-11:02/bind.patch.asc b) Execute the following commands as root: # cd /usr/src # patch &lt; /path/to/patch # cd /usr/src/lib/bind # make obj &amp;&amp; make depend &amp;&amp; make &amp;&amp; make install # cd /usr/src/usr.sbin/named # make obj &amp;&amp; make depend &amp;&amp; make &amp;&amp; make install # /etc/rc.d/named restart 3) To update your vulnerable system via a binary patch: Systems running 7.3-RELEASE, 7.4-RELEASE, 8.1-RELEASE, or 8.2-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path \\- ------------------------------------------------------------------------- RELENG_7 src/contrib/bind9/lib/dns/ncache.c 1.1.1.2.2.3 RELENG_7_4 src/UPDATING 1.507.2.36.2.4 src/sys/conf/newvers.sh 1.72.2.18.2.7 src/contrib/bind9/lib/dns/ncache.c 1.1.1.2.2.2.2.1 RELENG_7_3 src/UPDATING 1.507.2.34.2.8 src/sys/conf/newvers.sh 1.72.2.16.2.10 src/contrib/bind9/lib/dns/ncache.c 1.1.1.2.10.1 RELENG_8 src/contrib/bind9/lib/dns/ncache.c 1.2.2.4 RELENG_8_2 src/UPDATING 1.632.2.19.2.4 src/sys/conf/newvers.sh 1.83.2.12.2.7 src/contrib/bind9/lib/dns/ncache.c 1.2.2.2.2.1 RELENG_8_1 src/UPDATING 1.632.2.14.2.7 src/sys/conf/newvers.sh 1.83.2.10.2.8 src/contrib/bind9/lib/dns/ncache.c 1.2.2.1.2.1 \\- ------------------------------------------------------------------------- Subversion: Branch/path Revision \\- ------------------------------------------------------------------------- stable/7/ r222399 releng/7.4/ r222416 releng/7.3/ r222416 stable/8/ r222396 releng/8.2/ r222416 releng/8.1/ r222416 head/ r222395 \\- ------------------------------------------------------------------------- VII. References http://www.isc.org/software/bind/advisories/cve-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-11:02.bind.asc \\-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 iEYEARECAAYFAk3gvuQACgkQFdaIBMps37L2iACgizZK4QS3rOaY0x7evMuyWIop OaoAn3Pku/9HCSUULC2xurSnGU3AtJcz =aG4/ \\-----END PGP SIGNATURE----- \n", "cvss3": {}, "published": "2011-05-28T00:00:00", "type": "freebsd_advisory", "title": "\nFreeBSD-SA-11:02.bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-28T00:00:00", "id": "FREEBSD_ADVISORY:FREEBSD-SA-11:02.BIND", "href": "https://www.freebsd.org/security/advisories/FreeBSD-SA-11:02.bind.asc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-09T15:24:41", "description": "\\-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:03.bind Security Advisory The FreeBSD Project Topic: Remote packet Denial of Service against named(8) servers Category: contrib Module: bind Announced: 2011-09-28 Credits: Roy Arends Affects: 8.2-STABLE after 2011-05-28 and prior to the correction date Corrected: 2011-07-06 00:50:54 UTC (RELENG_8, 8.2-STABLE) CVE Name: CVE-2011-2464 Note: This advisory concerns a vulnerability which existed only in the FreeBSD 8-STABLE branch and was fixed over two months prior to the date of this advisory. For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server. II. Problem Description A logic error in the BIND code causes the BIND daemon to accept bogus data, which could cause the daemon to crash. III. Impact An attacker able to send traffic to the BIND daemon can cause it to crash, resulting in a denial of service. IV. Workaround No workaround is available, but systems not running the BIND name server are not affected. V. Solution Upgrade your vulnerable system to 8-STABLE dated after the correction date. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path \\- ------------------------------------------------------------------------- RELENG_8 src/contrib/bind9/lib/dns/message.c 1.3.2.3 \\- ------------------------------------------------------------------------- Subversion: Branch/path Revision \\- ------------------------------------------------------------------------- stable/8/ r223815 \\- ------------------------------------------------------------------------- VII. References http://www.isc.org/software/bind/advisories/cve-2011-2464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-11:03.bind.asc \\-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk6C4CYACgkQFdaIBMps37LwQgCeIDVGsCWOLoVdmWogOOaPC1UG 9G8AoJPlRbNmkEWMg7uoOYrvjWlRRdlK =aUvD \\-----END PGP SIGNATURE----- \n", "cvss3": {}, "published": "2011-09-28T00:00:00", "type": "freebsd_advisory", "title": "\nFreeBSD-SA-11:03.bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2011-09-28T00:00:00", "id": "FREEBSD_ADVISORY:FREEBSD-SA-11:03.BIND", "href": "https://www.freebsd.org/security/advisories/FreeBSD-SA-11:03.bind.asc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-07-27T10:25:39", "description": "bind is vulnerable to denial of service (DoS). The vulnerability exists as an off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure.\n", "cvss3": {}, "published": "2020-04-10T01:03:14", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2022-04-19T18:38:21", "id": "VERACODE:24738", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24738/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-11-04T20:06:15", "description": "A denial of service vulnerbality has been reported in ISC BIND's name server process (named). BIND (Berkeley Internet Name Domain) is an implementation of the DNS protocol and provides an openly redistributable reference implementation of the major components of the Domain Name System. Successful exploitation of this vulnerability may lead to a DoS condition, possibly causing the server to become unresponsive.", "cvss3": {}, "published": "2011-07-15T00:00:00", "type": "checkpoint_advisories", "title": "ISC BIND RRSIG RRsets Denial of Service (CVE-2011-1910)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-08-25T00:00:00", "id": "CPAI-2011-110", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-10-22T00:22:34", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2244-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nMay 27, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : incorrect boundary condition\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-1910\n\nIt was discovered that BIND, an implementation of the DNS protocol,\ndoes not correctly process certain large RRSIG record sets in DNSSEC\nresponses. The resulting assertion failure causes the name server\nprocess to crash, making name resolution unavailable. (CVE-2011-1910)\n\nIn addition, this update fixes handling of certain signed/unsigned\nzone combinations when a DLV service is used. Previously, data from\ncertain affected zones could become unavailable from the resolver.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny2.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze2.\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-05-27T22:23:27", "type": "debian", "title": "[SECURITY] [DSA 2244-1] bind9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-27T22:23:27", "id": "DEBIAN:DSA-2244-1:F8777", "href": "https://lists.debian.org/debian-security-announce/2011/msg00114.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-22T00:19:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2272-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJuly 05, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-2464\n\nIt was discovered that BIND, a DNS server, does not correctly process\ncertain UPDATE requests, resulting in a server crash and a denial of\nservice. This vulnerability affects BIND installations even if they\ndo not actually use dynamic DNS updates.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze3.\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed later.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-07-05T18:46:15", "type": "debian", "title": "[SECURITY] [DSA 2272-1] bind9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-05T18:46:15", "id": "DEBIAN:DSA-2272-1:98389", "href": "https://lists.debian.org/debian-security-announce/2011/msg00144.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:38:48", "description": "This update provides bind 9.6ESVR4P1 which fixes a denial\n of service vulnerability that can be triggered by very\n large RRSIG RRsets in a negative response and crash named.\n (CVE-2011-1910\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910</a>\n &gt; )\n\n It further provides a fix for a defect which may cause\n queries for .com names to fail with validation errors when\n DNSSEC records for the .com zone are initially inserted\n into the root zone.\n\n Please refer to\n <a rel=\"nofollow\" href=\"https://www.isc.org/software/bind/new-features/9.6\">https://www.isc.org/software/bind/new-features/9.6</a>\n &lt;<a rel=\"nofollow\" href=\"https://www.isc.org/software/bind/new-features/9.6\">https://www.isc.org/software/bind/new-features/9.6</a>&gt; for\n more information on additional improvements and bug fixes.\n", "cvss3": {}, "published": "2011-06-10T15:31:38", "type": "suse", "title": "bind (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2011-06-10T15:31:38", "id": "SUSE-SU-2011:0608-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00000.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:56:41", "description": "A remote Denial of Service vulnerability has been fixed in\n bind. Specially crafted packets could cause bind servers\n (recursive as well as authoritative) to exit.\n", "cvss3": {}, "published": "2011-07-19T01:05:59", "type": "suse", "title": "Security update for bind (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-19T01:05:59", "id": "SUSE-SU-2011:0759-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00004.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:38:48", "description": "A remote Denial of Service vulnerability has been fixed in\n bind. Specially crafted packets could cause bind servers\n (recursive as well as authoritative) to exit.\n CVE-2011-2464 has been assigned to this issue.\n\n", "cvss3": {}, "published": "2011-07-19T01:06:51", "type": "suse", "title": "bind: fixing remote Denial of Service (CVE-2011-2464) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-19T01:06:51", "id": "OPENSUSE-SU-2011:0788-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00006.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:43:37", "description": "A remote Denial of Service vulnerability has been fixed in the BIND DNS nameserver.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2011-07-08T16:20:26", "type": "suse", "title": "remote denial of service in bind", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465"], "modified": "2011-07-08T16:20:26", "id": "SUSE-SA:2011:029", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osv": [{"lastseen": "2022-08-10T07:08:50", "description": "\nIt was discovered that BIND, an implementation of the DNS protocol,\ndoes not correctly process certain large RRSIG record sets in DNSSEC\nresponses. The resulting assertion failure causes the name server\nprocess to crash, making name resolution unavailable. ([CVE-2011-1910](https://security-tracker.debian.org/tracker/CVE-2011-1910))\n\n\nIn addition, this update fixes handling of certain signed/unsigned\nzone combinations when a DLV service is used. Previously, data from\ncertain affected zones could become unavailable from the resolver.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny2.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze2.\n\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed soon.\n\n\nWe recommend that you upgrade your bind9 packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2011-05-27T00:00:00", "type": "osv", "title": "bind9 - wrong boundary condition", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2022-08-10T07:08:45", "id": "OSV:DSA-2244-1", "href": "https://osv.dev/vulnerability/DSA-2244-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:06:02", "description": "\nIt was discovered that BIND, a DNS server, does not correctly process\ncertain UPDATE requests, resulting in a server crash and a denial of\nservice. This vulnerability affects BIND installations even if they\ndo not actually use dynamic DNS updates.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:9.6.ESV.R4+dfsg-0+lenny3.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze3.\n\n\nThe testing distribution (wheezy) and the unstable distribution (sid)\nwill be fixed later.\n\n\nWe recommend that you upgrade your bind9 packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2011-07-05T00:00:00", "type": "osv", "title": "bind9 - denial of service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2022-08-10T07:05:56", "id": "OSV:DSA-2272-1", "href": "https://osv.dev/vulnerability/DSA-2272-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:03:10", "description": "BUGTRAQ ID: 48007\r\nCVE(CAN) ID: CVE-2011-1910\r\n\r\nBIND\u662f\u4e00\u4e2a\u5e94\u7528\u975e\u5e38\u5e7f\u6cdb\u7684DNS\u534f\u8bae\u7684\u5b9e\u73b0\uff0c\u7531ISC\u8d1f\u8d23\u7ef4\u62a4\uff0c\u5177\u4f53\u7684\u5f00\u53d1\u7531Nominum\u516c\u53f8\u5b8c\u6210\u3002\r\n\r\nISC BIND 9\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u5e94\u7528\u7a0b\u5e8f\u8fdb\u7a0b\u5d29\u6e83\uff0c\u62d2\u7edd\u670d\u52a1\u5408\u6cd5\u7528\u6237\u3002\r\n\r\n\u7531\u4e8e\u9519\u8bef\u7684\u5904\u7406\u4e86\u67d0\u4e9b\u6e90\u8bb0\u5f55\u96c6RRsets, \u653b\u51fb\u8005\u53ef\u7528\u8fc7\u5927\u7684RRSIG RRsets\u8bbe\u7f6eDNSSEC\u7b7e\u7f72\u7684\u6388\u6743DNS\u670d\u52a1\u5668\u4f5c\u4e3a\u89e6\u53d1\u5668\uff0c\u7136\u540e\u5411\u7f13\u5b58\u89e3\u6790\u5668\u8bf7\u6c42\u6545\u969c\u670d\u52a1\u5668\u670d\u52a1\u7684\u57df\u4e2d\u4e0d\u5b58\u5728\u7684\u540d\u79f0\uff0c\u83b7\u53d6\u7684\u56de\u5e94\u5c06\u89e6\u53d1\u6f0f\u6d1e\u3002\n\nFreeBSD FreeBSD 8.x\r\nFreeBSD FreeBSD 7.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nFreeBSD\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.freebsd.org/security/index.html", "cvss3": {}, "published": "2011-06-02T00:00:00", "title": "ISC BIND 9 Large RRSIG RRsets\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-1910"], "modified": "2011-06-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20595", "id": "SSV:20595", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:02:04", "description": "BUGTRAQ ID: 48566\r\nCVE ID: CVE-2011-2464\r\n\r\nBIND\u662f\u4e00\u4e2a\u5e94\u7528\u975e\u5e38\u5e7f\u6cdb\u7684DNS\u534f\u8bae\u7684\u5b9e\u73b0\uff0c\u7531ISC\u8d1f\u8d23\u7ef4\u62a4\uff0c\u5177\u4f53\u7684\u5f00\u53d1\u7531Nominum\u516c\u53f8\u5b8c\u6210\u3002\r\n\r\nISC BIND\u5728\u5904\u7406\u7279\u5236\u7684UPDATE\u8bf7\u6c42\u65f6\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5f71\u54cd\u9012\u5f52\u548c\u6388\u6743\u670d\u52a1\u5668\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\n\u6b64\u6f0f\u6d1e\u6e90\u4e8e\u5904\u7406UPDATE\u8bf7\u6c42\u65f6\u7684\u9519\u8bef\uff0c\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684UPDATE\u8bf7\u6c42\u9020\u6210named\u8fdb\u7a0b\u4e2d\u65ad\u3002\u56e0\u4e3a\u6f0f\u6d1e\u4ee3\u7801\u6240\u5728\u4f4d\u7f6e\uff0c\u4e0d\u53ef\u80fd\u901a\u8fc7named.conf\u4e2d\u914d\u7f6e\u7684ACL\u6216\u7981\u7528\u4e00\u4e9b\u529f\u80fd\uff08\u5728\u7f16\u8bd1\u65f6\u6216\u8fd0\u884c\u65f6\uff09\u6765\u4fdd\u62a4BIND\u3002\n\nISC BIND 9.7.1-P2\r\nISC BIND 9.7.1-P1\r\nISC BIND 9.7.1\r\nISC BIND 9.7.0 P2\r\nISC BIND 9.7.0\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nISC\r\n---\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.isc.org/", "cvss3": {}, "published": "2011-07-07T00:00:00", "title": "ISC BIND UPDATE\u8bf7\u6c42\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20706", "id": "SSV:20706", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "f5": [{"lastseen": "2021-06-08T18:49:13", "description": "", "cvss3": {}, "published": "2011-07-27T02:03:00", "type": "f5", "title": "BIND vulnerability CVE-2011-1910", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2016-01-09T02:27:00", "id": "F5:K12985", "href": "https://support.f5.com/csp/article/K12985", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:49:12", "description": "Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.\n\nInformation about this advisory is available at the following locations:\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910>\n\nF5 Product Development tracked this issue as ID 360515 for BIG-IP and it was fixed in BIG-IP 10.2.3. For information about upgrading, refer to the BIG-IP release notes.\n\nF5 Product Development tracked this issue as ID 364691 for Enterprise Manager and it was fixed in Enterprise Manager 2.3.0. For information about upgrading, refer to the Enterprise Manager release notes.\n\nAdditionally, this issue was fixed in Hotfix-BIGIP-10.2.2-HF1 issued for BIG-IP 10.2.2. You may download this hotfix or later versions of the hotfix from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nAdditionally, this issue has been fixed in an engineering hotfix available for BIG-IP versions 10.2.1 HF3, 10.1.0 HF2 and 9.4.8 HF4. Customers affected by this issue can request a hotfix from [F5 Technical Support](<http://www.f5.com/training-support/customer-support/contact/>).\n\nFor information about downloading software, refer to SOL167: Downloading software and firmware from F5.\n\nFor information about the F5 hotfix policy, refer to SOL4918: Overview of the F5 critical issue hotfix policy.\n\nFor information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.\n", "cvss3": {}, "published": "2011-07-26T00:00:00", "type": "f5", "title": "SOL12985 - BIND vulnerability CVE-2011-1910", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2013-09-11T00:00:00", "id": "SOL12985", "href": "http://support.f5.com/kb/en-us/solutions/public/12000/900/sol12985.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:49:13", "description": "", "cvss3": {}, "published": "2011-07-28T02:54:00", "type": "f5", "title": "BIND vulnerability CVE-2011-2464", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2016-01-09T02:27:00", "id": "F5:K12986", "href": "https://support.f5.com/csp/article/K12986", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:49:11", "description": "Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a Denial of Service (DoS) (named daemon crash) by way of a crafted UPDATE request.\n\nInformation about this advisory is available at the following location: [CVE-2011-2464](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464>) \n\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\nF5 Product Development tracked this issue as ID 363310 for the BIG-IP system, and it was fixed in BIG-IP 10.2.3 and 11.0.0. For more information about upgrading, refer to the BIG-IP LTM, GTM, ASM, Link Controller, WebAccelerator, PSM, WOM, APM and Edge Gateway release notes.\n\nAdditionally, this issue was fixed in Hotfix-BIGIP-10.2.2-HF1 issued for BIG-IP 10.2.2. You may download this hotfix, or later versions of the hotfix, from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nFor information about downloading software, refer to SOL167: Downloading software and firmware from F5.\n\nFor information about the F5 hotfix policy, refer to SOL4918: Overview of F5 critical issue hotfix policy.\n\nFor information about how to manage F5 product hotfixes, refer to SOL10025: Managing BIG-IP product hotfixes (10.x) and SOL6845: Managing BIG-IP product hotfixes (9.x). \n\n", "cvss3": {}, "published": "2011-07-27T00:00:00", "type": "f5", "title": "SOL12986 - BIND vulnerability CVE-2011-2464", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2013-09-10T00:00:00", "id": "SOL12986", "href": "http://support.f5.com/kb/en-us/solutions/public/12000/900/sol12986.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "cisa": [{"lastseen": "2021-02-24T18:08:44", "description": "The Internet System Consortium has released updates for BIND to address a vulnerability in BIND versions 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, and 9.8.0 and later. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note [VU#795694](<http://www.kb.cert.org/vuls/id/795694>).\n\nUS-CERT encourages users and administrators to review [CVE-2011-1910](<http://www.isc.org/software/bind/advisories/cve-2011-1910>) and apply the respective [patches](<https://www.isc.org/downloads>) to help mitigate the risks. Since BIND is often packaged in larger third-party applications or operating system distributions, users and administrators should check with their software vendors for updated versions.\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2011/05/27/Internet-System-Consortium-releases-BIND-patches>); we'd welcome your feedback.\n", "edition": 2, "cvss3": {}, "published": "2011-05-27T00:00:00", "type": "cisa", "title": "Internet System Consortium releases BIND patches", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2012-10-23T00:00:00", "id": "CISA:49ADF3679AABE7F5EC72CB6B859EF95B", "href": "https://us-cert.cisa.gov/ncas/current-activity/2011/05/27/Internet-System-Consortium-releases-BIND-patches", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-24T18:08:44", "description": "The Internet System Consortium has released updates for BIND to address multiple vulnerabilities. [CVE-2011-2464](<http://www.isc.org/software/bind/advisories/cve-2011-2464>) affects the following versions: 9.6.3; 9.6-ESV-R4 and later; 9.7.0 and later; 9.7.1 and later; 9.7.2 and later; 9.7.3 and later; 9.7.4b1; 9.8.0 and later; and 9.8.1b1. [CVE-2011-2465](<http://www.isc.org/software/bind/advisories/cve-2011-2465>) affects the following versions: 9.8.0 and later, and 9.8.1b1. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition. Additional information regarding these vulnerabilities can be found in US-CERT Vulnerability Notes [VU#142646](<http://www.kb.cert.org/vuls/id/142646>) and [VU#137968](<http://www.kb.cert.org/vuls/id/137968>).\n\nUS-CERT encourages users and administrators to review [CVE-2011-2464](<http://www.isc.org/software/bind/advisories/cve-2011-2464>) and [CVE-2011-2465](<http://www.isc.org/software/bind/advisories/cve-2011-2465>) and apply the respective [patches](<https://www.isc.org/downloads>) to help mitigate the risks. Since BIND is often packaged in larger third-party applications or operating system distributions, users and administrators should check with their software vendors for updated versions.\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2011/07/05/Internet-System-Consortium-releases-BIND-Patches>); we'd welcome your feedback.\n", "edition": 2, "cvss3": {}, "published": "2011-07-05T00:00:00", "type": "cisa", "title": "Internet System Consortium releases BIND Patches", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464", "CVE-2011-2465"], "modified": "2012-10-23T00:00:00", "id": "CISA:1FDBD9C529C199F875C503DF19FDE155", "href": "https://us-cert.cisa.gov/ncas/current-activity/2011/07/05/Internet-System-Consortium-releases-BIND-Patches", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nISC reports:\n\nA BIND 9 DNS server set up to be a caching resolver is\n\t vulnerable to a user querying a domain with very large resource\n\t record sets (RRSets) when trying to negatively cache a response.\n\t This can cause the BIND 9 DNS server (named process) to crash.\n\n\n", "cvss3": {}, "published": "2011-05-26T00:00:00", "type": "freebsd", "title": "BIND -- Large RRSIG RRsets and Negative Caching DoS", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2016-08-09T00:00:00", "id": "1E1421F0-8D6F-11E0-89B4-001EC9578670", "href": "https://vuxml.freebsd.org/freebsd/1e1421f0-8d6f-11e0-89b4-001ec9578670.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T16:03:50", "description": "\n\nISC reports:\n\nA defect in the affected BIND 9 versions allows an attacker to\n\t remotely cause the \"named\" process to exit using a specially\n\t crafted packet.\nThis defect affects both recursive and authoritative servers.\n\n\n", "cvss3": {}, "published": "2011-07-05T00:00:00", "type": "freebsd", "title": "BIND -- Remote DoS against authoritative and recursive servers", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-05T00:00:00", "id": "FD64188D-A71D-11E0-89B4-001EC9578670", "href": "https://vuxml.freebsd.org/freebsd/fd64188d-a71d-11e0-89b4-001ec9578670.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2021-09-28T17:50:56", "description": "### Overview\n\nISC BIND contains a vulnerability in the processing of large RRSIG RRsets included in a negative cache response.\n\n### Description\n\nAccording to [ISC](<http://www.isc.org/software/bind/advisories/cve-2011-1910>):\n\n_DNS systems use negative caching to improve DNS response time. This will keep a DNS resolver from repeatedly looking up domains that do not exist. Any NXDOMAIN or NODATA/NOERROR response will be put into the negative cache. \n \nThe authority data will be cached along with the negative cache information. These authoritative \u201cStart of Authority\u201d (SOA) and NSEC/NSEC3 records prove the nonexistence of the requested name/type. In DNSSEC, all of these records are signed; this adds one additional RRSIG record, per DNSSEC key, for each record returned in the authority section of the response. \n \nIn this vulnerability, very large RRSIG RRsets included in a negative response can trigger an assertion failure that will crash named (BIND 9 DNS) due to an off-by-one error in a buffer size check. \n \nThe nature of this vulnerability would allow remote exploit. An attacker can set up a DNSSEC signed authoritative DNS server with large RRSIG RRsets to act as the trigger. The attacker would then find ways to query an organization\u2019s caching resolvers for non-existent names in the domain served by the bad server, getting a response that would \u201ctrigger\u201d the vulnerability. The attacker would require access to an organization\u2019s caching resolvers; access to the resolvers can be direct (open resolvers), through malware (using a BOTNET to query negative caches), or through driving DNS resolution (a SPAM run that has a domain in the E-mail that will cause the client to perform a lookup)._ \n \n--- \n \n### Impact\n\nA remote, unauthenticated attacker can cause the named daemon to crash creating a denial of service condition. \n \n--- \n \n### Solution\n\n**Apply an update \n \n**Users who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors.** \n** \nThis vulnerability is addressed in ISC BIND versions 9.4-ESV-R4-P1, 9.6-ESV-R4-P1, 9.7.3-P1 and 9.8.0-P2. Users of BIND from the original source distribution should upgrade to this version. \n \nSee also <http://www.isc.org/software/bind/advisories/cve-2011-1910> \n \n--- \n \nAccording to [ISC](<http://www.isc.org/software/bind/advisories/cve-2011-1910>): \n_Restricting access to the DNS caching resolver infrastructure will provide partial mitigation. Active exploitation can be accomplished through malware or SPAM/Malvertizing actions that will force authorized clients to look up domains that would trigger this vulnerability._ \n \n--- \n \n### Vendor Information\n\n795694\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Internet Systems Consortium Affected\n\nUpdated: May 27, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.isc.org/software/bind/advisories/cve-2011-1910>\n\n### Mandriva S. A. __ Affected\n\nUpdated: June 01, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nTo upgrade automatically use MandrivaUpdate or urpmi. The verification\n\nof md5 checksums and GPG signatures is performed automatically for you. \n \nAll packages are signed by Mandriva for security. You can obtain the \nGPG public key of the Mandriva Security Team by executing: \n \ngpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 \n \nYou can view other update advisories for Mandriva Linux at: \n \n<http://www.mandriva.com/security/advisories>\n\n### Vendor Information \n\nMandriva Linux 2009.0: \nebe0e9136ca078d55e8474b7e4774fa0 \n2009.0/i586/bind-9.6.2-0.3mdv2009.0.i586.rpm \n4bcead4d6fffece6a8786e20580f433b \n2009.0/i586/bind-devel-9.6.2-0.3mdv2009.0.i586.rpm \n7c4269cc12c36c81b8d5e6beda01db22 \n2009.0/i586/bind-doc-9.6.2-0.3mdv2009.0.i586.rpm \n180a7897d73d5f81bb22403bbfd01301 \n2009.0/i586/bind-utils-9.6.2-0.3mdv2009.0.i586.rpm \n9ce92b36b69535037658b12de6ba91f3 \n2009.0/SRPMS/bind-9.6.2-0.3mdv2009.0.src.rpm \n \nMandriva Linux 2009.0/X86_64: \nb9711c2fc96a83b7b3ce16e872480a94 \n2009.0/x86_64/bind-9.6.2-0.3mdv2009.0.x86_64.rpm \n835c967bdb7e163ee650ad4c2a93a02e \n2009.0/x86_64/bind-devel-9.6.2-0.3mdv2009.0.x86_64.rpm \nafd62cab2b8be8ab47307541cda19b1b \n2009.0/x86_64/bind-doc-9.6.2-0.3mdv2009.0.x86_64.rpm \n949e7df04821a40c180a43323fb1b6b3 \n2009.0/x86_64/bind-utils-9.6.2-0.3mdv2009.0.x86_64.rpm \n9ce92b36b69535037658b12de6ba91f3 \n2009.0/SRPMS/bind-9.6.2-0.3mdv2009.0.src.rpm \n \nMandriva Linux 2010.1: \nfacbc4e2c06e947c116f22c6ab546dc9 \n2010.1/i586/bind-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm \n15fe702c18438ad9a9d07d1a08e8dc5e \n2010.1/i586/bind-devel-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm \nf67cc34ea4fa188c6e1ce78a2f418cec \n2010.1/i586/bind-doc-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm \nc954e45cc2f928f8c241c1c544b76c1b \n2010.1/i586/bind-utils-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm \na258d307cde57f5f8f750311d1922aee \n2010.1/SRPMS/bind-9.7.3-0.0.P1.1.1mdv2010.2.src.rpm \n \nMandriva Linux 2010.1/X86_64: \n7fc178b5236b9d82e028f1d95a0995e7 \n2010.1/x86_64/bind-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm \nb9a1c2434083eec6bdf537249f62ef12 \n2010.1/x86_64/bind-devel-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm \n923cbacff1dd7b8a35b248af46979f84 \n2010.1/x86_64/bind-doc-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm \nc564274f9fd0a837963cd7359ef520de \n2010.1/x86_64/bind-utils-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm \na258d307cde57f5f8f750311d1922aee \n2010.1/SRPMS/bind-9.7.3-0.0.P1.1.1mdv2010.2.src.rpm \n \nCorporate 4.0: \n438be9cf334ebfabac9128ab17488b16 \ncorporate/4.0/i586/bind-9.4.3-0.4.20060mlcs4.i586.rpm \n73bdfc4039746f9f5ecc95c8b02c9baa \ncorporate/4.0/i586/bind-devel-9.4.3-0.4.20060mlcs4.i586.rpm \nb659532890edec643588df8097b4f9a4 \ncorporate/4.0/i586/bind-utils-9.4.3-0.4.20060mlcs4.i586.rpm \n6264781c61bac05330db0300520686aa \ncorporate/4.0/SRPMS/bind-9.4.3-0.4.20060mlcs4.src.rpm \n \nCorporate 4.0/X86_64: \na202e00d59ea543e2e2683ebd21509c2 \ncorporate/4.0/x86_64/bind-9.4.3-0.4.20060mlcs4.x86_64.rpm \nc020841e7cc8ee34ec576a3dd3a6c053 \ncorporate/4.0/x86_64/bind-devel-9.4.3-0.4.20060mlcs4.x86_64.rpm \n47ee68c9f935447a0160850a6f151fb5 \ncorporate/4.0/x86_64/bind-utils-9.4.3-0.4.20060mlcs4.x86_64.rpm \n6264781c61bac05330db0300520686aa \ncorporate/4.0/SRPMS/bind-9.4.3-0.4.20060mlcs4.src.rpm \n \nMandriva Enterprise Server 5: \n467bf36fd2f979b44936a5048e66b177 \nmes5/i586/bind-9.6.2-0.3mdvmes5.2.i586.rpm \ncb277066933724335637f05c89371a06 \nmes5/i586/bind-devel-9.6.2-0.3mdvmes5.2.i586.rpm \nfc839ab342e30da3777d4e15af7412f6 \nmes5/i586/bind-doc-9.6.2-0.3mdvmes5.2.i586.rpm \ne71726f1845cb35577fe18af40ec8798 \nmes5/i586/bind-utils-9.6.2-0.3mdvmes5.2.i586.rpm \nca697b83e7ae5d4d108ae6ca6ce95107 \nmes5/SRPMS/bind-9.6.2-0.3mdvmes5.2.src.rpm \n \nMandriva Enterprise Server 5/X86_64: \n7a488676d28da8704b51ca731b726697 \nmes5/x86_64/bind-9.6.2-0.3mdvmes5.2.x86_64.rpm \n4803a569597c7372b7b2323da9220d4d \nmes5/x86_64/bind-devel-9.6.2-0.3mdvmes5.2.x86_64.rpm \n1a6c027085db39464be568061c70c877 \nmes5/x86_64/bind-doc-9.6.2-0.3mdvmes5.2.x86_64.rpm \nf520ec26e2c0e68e1f82767f1a4b6d54 \nmes5/x86_64/bind-utils-9.6.2-0.3mdvmes5.2.x86_64.rpm \nca697b83e7ae5d4d108ae6ca6ce95107 \nmes5/SRPMS/bind-9.6.2-0.3mdvmes5.2.src.rpm\n\n### Ubuntu __ Affected\n\nUpdated: June 01, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nUbuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).\n\nApply updated packages via Launchpad.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n<http://www.isc.org/software/bind/advisories/cve-2011-1910>\n\n### Acknowledgements\n\nThanks to Internet Systems Consortium for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [cve-2011-1910](<http://web.nvd.nist.gov/vuln/detail/cve-2011-1910>) \n---|--- \n**Severity Metric:** | 4.93 \n**Date Public:** | 2011-05-26 \n**Date First Published:** | 2011-05-27 \n**Date Last Updated: ** | 2011-06-01 18:22 UTC \n**Document Revision: ** | 12 \n", "cvss3": {}, "published": "2011-05-27T00:00:00", "type": "cert", "title": "ISC BIND named negative caching vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-06-01T18:22:00", "id": "VU:795694", "href": "https://www.kb.cert.org/vuls/id/795694", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-28T17:50:05", "description": "### Overview\n\nISC BIND 9 contains a remote packet denial of service vulnerability when running as an authoritative or recursive server.\n\n### Description\n\nAccording to [ISC](<http://www.isc.org/software/bind/advisories/cve-2011-2464>):\n\n_A defect in the affected BIND 9 versions allows an attacker to remotely cause the \"named\" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. \n \nA remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers._ \n \n--- \n \n### Impact\n\nA remote, unauthenticated attacker can cause the named daemon to crash creating a denial of service condition. \n \n--- \n \n### Solution\n\n**Apply an update** \n \nUsers who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors. \n \nThis vulnerability is addressed in ISC BIND versions 9.6-ESV-R4-P3, 9.7.3-P3 and 9.8.0-P4. Users of BIND from the original source distribution should upgrade to this version. \n \nSee also <http://www.isc.org/software/bind/advisories/cve-2011-2464> \n \n--- \n \n### Vendor Information\n\n142646\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux __ Affected\n\nUpdated: July 07, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nFor the oldstable distribution (lenny), this problem has been fixed in\n\nversion 1:9.6.ESV.R4+dfsg-0+lenny3. \n \nFor the stable distribution (squeeze), this problem has been fixed in \nversion 1:9.7.3.dfsg-1~squeeze3. \n \nThe testing distribution (wheezy) and the unstable distribution (sid) \nwill be fixed later. \n \nWe recommend that you upgrade your bind9 packages.\n\n### Internet Systems Consortium Affected\n\nNotified: June 16, 2011 Updated: July 05, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.isc.org/software/bind/advisories/cve-2011-2464>\n\n### Mandriva S. A. __ Affected\n\nUpdated: July 20, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nMandriva Linux 2009.0:\n\nca6c480f7a3738227e5a7190ec1499b7 2009.0/i586/bind-9.7.3-0.0.P3.1.1mdv2009.0.i586.rpm \n09875b79c8645d5435ce653a7d2844b9 2009.0/i586/bind-devel-9.7.3-0.0.P3.1.1mdv2009.0.i586.rpm \nabb841d7abc6ac1a69cf28af7c2e5e19 2009.0/i586/bind-doc-9.7.3-0.0.P3.1.1mdv2009.0.i586.rpm \ndb42fa2094b45da2ead8c614ea8f39b0 2009.0/i586/bind-utils-9.7.3-0.0.P3.1.1mdv2009.0.i586.rpm \n2e3ba946b0a13c0a424a1597f255dcb5 2009.0/SRPMS/bind-9.7.3-0.0.P3.1.1mdv2009.0.src.rpm \n \nMandriva Linux 2009.0/X86_64: \nf58b8e207e209cef128693b7049d162f 2009.0/x86_64/bind-9.7.3-0.0.P3.1.1mdv2009.0.x86_64.rpm \ndc1085555707774e4e9709891aa79dd1 2009.0/x86_64/bind-devel-9.7.3-0.0.P3.1.1mdv2009.0.x86_64.rpm \n1e34f338c7ba785e0271859b22ab2c28 2009.0/x86_64/bind-doc-9.7.3-0.0.P3.1.1mdv2009.0.x86_64.rpm \n00dc003c8fe9c03c7122300d81d91905 2009.0/x86_64/bind-utils-9.7.3-0.0.P3.1.1mdv2009.0.x86_64.rpm \n2e3ba946b0a13c0a424a1597f255dcb5 2009.0/SRPMS/bind-9.7.3-0.0.P3.1.1mdv2009.0.src.rpm \n \nMandriva Linux 2010.1: \naeb3ed5e5f630ff5aac1429fe59907df 2010.1/i586/bind-9.7.3-0.0.P3.1.1mdv2010.2.i586.rpm \n10b785d8384c7f8f7b600cc36023446a 2010.1/i586/bind-devel-9.7.3-0.0.P3.1.1mdv2010.2.i586.rpm \n6afb5e313edd48b9c960ecebd73af92e 2010.1/i586/bind-doc-9.7.3-0.0.P3.1.1mdv2010.2.i586.rpm \nf135331906181bb6da064259ecbc647a 2010.1/i586/bind-utils-9.7.3-0.0.P3.1.1mdv2010.2.i586.rpm \nf130951f40fdbde979c9999f2bc29ccf 2010.1/SRPMS/bind-9.7.3-0.0.P3.1.1mdv2010.2.src.rpm \n \nMandriva Linux 2010.1/X86_64: \n7eeb4c6916e8dc5ecc2b7284c733ea8e 2010.1/x86_64/bind-9.7.3-0.0.P3.1.1mdv2010.2.x86_64.rpm \nf7687346e5c7072395a0d158f7070d9f 2010.1/x86_64/bind-devel-9.7.3-0.0.P3.1.1mdv2010.2.x86_64.rpm \n1e890bc2ba91af8d3fa57c7a7bd008c7 2010.1/x86_64/bind-doc-9.7.3-0.0.P3.1.1mdv2010.2.x86_64.rpm \nbdf6a36d8c002d6ad62eeb83b6dc54fc 2010.1/x86_64/bind-utils-9.7.3-0.0.P3.1.1mdv2010.2.x86_64.rpm \nf130951f40fdbde979c9999f2bc29ccf 2010.1/SRPMS/bind-9.7.3-0.0.P3.1.1mdv2010.2.src.rpm \n \nMandriva Enterprise Server 5: \n750c707ab5d471f54a2e62a265628b05 mes5/i586/bind-9.7.3-0.0.P3.1.1mdvmes5.2.i586.rpm \na4cc134f17c999467986e03e5a5caa18 mes5/i586/bind-devel-9.7.3-0.0.P3.1.1mdvmes5.2.i586.rpm \neb4cb65573546064202eda0a494de398 mes5/i586/bind-doc-9.7.3-0.0.P3.1.1mdvmes5.2.i586.rpm \nf5cad026fb2402b78be8d1eb340a9ef9 mes5/i586/bind-utils-9.7.3-0.0.P3.1.1mdvmes5.2.i586.rpm \n092f9de8063f70ced41bfdfb6c4edbad mes5/SRPMS/bind-9.7.3-0.0.P3.1.1mdvmes5.2.src.rpm \n \nMandriva Enterprise Server 5/X86_64: \n3b5a09e53f39c5135dd72638be00ba59 mes5/x86_64/bind-9.7.3-0.0.P3.1.1mdvmes5.2.x86_64.rpm \n61251e33bc1e649e7b5da91dcfd4c6b1 mes5/x86_64/bind-devel-9.7.3-0.0.P3.1.1mdvmes5.2.x86_64.rpm \n2b8bfeca87fb28326b4c2e76ae7dc920 mes5/x86_64/bind-doc-9.7.3-0.0.P3.1.1mdvmes5.2.x86_64.rpm \nceb92e09171cf5ef0eee8a04e4a52fec mes5/x86_64/bind-utils-9.7.3-0.0.P3.1.1mdvmes5.2.x86_64.rpm \n092f9de8063f70ced41bfdfb6c4edbad mes5/SRPMS/bind-9.7.3-0.0.P3.1.1mdvmes5.2.src.rpm\n\n### Red Hat, Inc. Affected\n\nUpdated: July 07, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://bugzilla.redhat.com/CVE-2011-2464>\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n<http://www.isc.org/software/bind/advisories/cve-2011-2464>\n\n### Acknowledgements\n\nThanks to Internet Systems Consortium for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2011-2464](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-2464>) \n---|--- \n**Severity Metric:** | 17.85 \n**Date Public:** | 2011-07-05 \n**Date First Published:** | 2011-07-05 \n**Date Last Updated: ** | 2011-07-20 18:57 UTC \n**Document Revision: ** | 15 \n", "cvss3": {}, "published": "2011-07-05T00:00:00", "type": "cert", "title": "ISC BIND 9 named denial of service vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2011-07-20T18:57:00", "id": "VU:142646", "href": "https://www.kb.cert.org/vuls/id/142646", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:40:42", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nAn off-by-one flaw was found in the way BIND processed negative responses\nwith large resource record sets (RRSets). An attacker able to send\nrecursive queries to a BIND server that is configured as a caching\nresolver could use this flaw to cause named to exit with an assertion\nfailure. (CVE-2011-1910)\n\nAll BIND users are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "cvss3": {}, "published": "2011-05-31T00:00:00", "type": "redhat", "title": "(RHSA-2011:0845) Important: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2018-06-06T16:24:11", "id": "RHSA-2011:0845", "href": "https://access.redhat.com/errata/RHSA-2011:0845", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T04:47:04", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was discovered in the way BIND handled certain DNS requests. A\nremote attacker could use this flaw to send a specially-crafted DNS request\npacket to BIND, causing it to exit unexpectedly due to a failed assertion.\n(CVE-2011-2464)\n\nUsers of bind97 on Red Hat Enterprise Linux 5, and bind on Red Hat\nEnterprise Linux 6, are advised to upgrade to these updated packages, which\nresolve this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "cvss3": {}, "published": "2011-07-07T00:00:00", "type": "redhat", "title": "(RHSA-2011:0926) Important: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2464"], "modified": "2018-06-06T16:24:06", "id": "RHSA-2011:0926", "href": "https://access.redhat.com/errata/RHSA-2011:0926", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:42", "description": "Large RRSIG in negative response leads to assert&#40;&#41;.", "edition": 1, "cvss3": {}, "published": "2011-05-30T00:00:00", "type": "securityvulns", "title": "ISC bind named DNS server DoS", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-30T00:00:00", "id": "SECURITYVULNS:VULN:11701", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11701", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:40", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n=============================================================================\r\nFreeBSD-SA-11:02.bind Security Advisory\r\n The FreeBSD Project\r\n\r\nTopic: BIND remote DoS with large RRSIG RRsets and negative caching\r\n\r\nCategory: contrib\r\nModule: bind\r\nAnnounced: 2011-05-28\r\nCredits: Frank Kloeker, Michael Sinatra.\r\nAffects: All supported versions of FreeBSD.\r\nCorrected: 2011-05-28 00:58:19 UTC &#40;RELENG_7, 7.4-STABLE&#41;\r\n 2011-05-28 08:44:39 UTC &#40;RELENG_7_3, 7.3-RELEASE-p6&#41;\r\n 2011-05-28 08:44:39 UTC &#40;RELENG_7_4, 7.4-RELEASE-p2&#41;\r\n 2011-05-28 00:33:06 UTC &#40;RELENG_8, 8.2-STABLE&#41;\r\n 2011-05-28 08:44:39 UTC &#40;RELENG_8_1, 8.1-RELEASE-p4&#41;\r\n 2011-05-28 08:44:39 UTC &#40;RELENG_8_2, 8.2-RELEASE-p2&#41;\r\nCVE Name: CVE-2011-1910\r\n\r\nFor general information regarding FreeBSD Security Advisories,\r\nincluding descriptions of the fields above, security branches, and the\r\nfollowing sections, please visit &lt;URL:http://security.FreeBSD.org/&gt;.\r\n\r\nI. Background\r\n\r\nBIND 9 is an implementation of the Domain Name System &#40;DNS&#41; protocols.\r\nThe named&#40;8&#41; daemon is an Internet Domain Name Server.\r\n\r\nDNS Security Extensions &#40;DNSSEC&#41; provides data integrity, origin\r\nauthentication and authenticated denial of existence to resolvers.\r\n\r\nII. Problem Description\r\n\r\nVery large RRSIG RRsets included in a negative response can trigger\r\nan assertion failure that will crash named&#40;8&#41; due to an off-by-one error\r\nin a buffer size check.\r\n\r\nIII. Impact\r\n\r\nIf named&#40;8&#41; is being used as a recursive resolver, an attacker who\r\ncontrols a DNS zone being resolved can cause named&#40;8&#41; to crash,\r\nresulting in a denial of &#40;DNS resolving&#41; service.\r\n\r\nDNSSEC does not need to be enabled on the resolver for it to be\r\nvulnerable.\r\n\r\nIV. Workaround\r\n\r\nNo workaround is available, but systems not running the BIND DNS server\r\nor using it exclusively as an authoritative name server &#40;i.e., not as a\r\ncaching resolver&#41; are not vulnerable.\r\n\r\nV. Solution\r\n\r\nPerform one of the following:\r\n\r\n1&#41; Upgrade your vulnerable system to 7-STABLE or 8-STABLE,\r\nor to the RELENG_8_2, RELENG_8_1, RELENG_7_4, or RELENG_7_3\r\nsecurity branch dated after the correction date.\r\n\r\n2&#41; To update your vulnerable system via a source code patch:\r\n\r\nThe following patches have been verified to apply to FreeBSD\r\n7.3, 7.4, 8.1 and 8.2 systems.\r\n\r\na&#41; Download the relevant patch from the location below, and verify the\r\ndetached PGP signature using your PGP utility.\r\n\r\n# fetch http://security.FreeBSD.org/patches/SA-11:02/bind.patch\r\n# fetch http://security.FreeBSD.org/patches/SA-11:02/bind.patch.asc\r\n\r\nb&#41; Execute the following commands as root:\r\n\r\n# cd /usr/src\r\n# patch &lt; /path/to/patch\r\n# cd /usr/src/lib/bind\r\n# make obj &amp;&amp; make depend &amp;&amp; make &amp;&amp; make install\r\n# cd /usr/src/usr.sbin/named\r\n# make obj &amp;&amp; make depend &amp;&amp; make &amp;&amp; make install\r\n# /etc/rc.d/named restart\r\n\r\n3&#41; To update your vulnerable system via a binary patch:\r\n\r\nSystems running 7.3-RELEASE, 7.4-RELEASE, 8.1-RELEASE, or 8.2-RELEASE\r\non the i386 or amd64 platforms can be updated via the freebsd-update&#40;8&#41;\r\nutility:\r\n\r\n# freebsd-update fetch\r\n# freebsd-update install\r\n\r\nVI. Correction details\r\n\r\nThe following list contains the revision numbers of each file that was\r\ncorrected in FreeBSD.\r\n\r\nCVS:\r\n\r\nBranch Revision\r\n Path\r\n- -------------------------------------------------------------------------\r\nRELENG_7\r\n src/contrib/bind9/lib/dns/ncache.c 1.1.1.2.2.3\r\nRELENG_7_4\r\n src/UPDATING 1.507.2.36.2.4\r\n src/sys/conf/newvers.sh 1.72.2.18.2.7\r\n src/contrib/bind9/lib/dns/ncache.c 1.1.1.2.2.2.2.1\r\nRELENG_7_3\r\n src/UPDATING 1.507.2.34.2.8\r\n src/sys/conf/newvers.sh 1.72.2.16.2.10\r\n src/contrib/bind9/lib/dns/ncache.c 1.1.1.2.10.1\r\nRELENG_8\r\n src/contrib/bind9/lib/dns/ncache.c 1.2.2.4\r\nRELENG_8_2\r\n src/UPDATING 1.632.2.19.2.4\r\n src/sys/conf/newvers.sh 1.83.2.12.2.7\r\n src/contrib/bind9/lib/dns/ncache.c 1.2.2.2.2.1\r\nRELENG_8_1\r\n src/UPDATING 1.632.2.14.2.7\r\n src/sys/conf/newvers.sh 1.83.2.10.2.8\r\n src/contrib/bind9/lib/dns/ncache.c 1.2.2.1.2.1\r\n- -------------------------------------------------------------------------\r\n\r\nSubversion:\r\n\r\nBranch/path Revision\r\n- -------------------------------------------------------------------------\r\nstable/7/ r222399\r\nreleng/7.4/ r222416\r\nreleng/7.3/ r222416\r\nstable/8/ r222396\r\nreleng/8.2/ r222416\r\nreleng/8.1/ r222416\r\nhead/ r222395\r\n- -------------------------------------------------------------------------\r\n\r\nVII. References\r\n\r\nhttp://www.isc.org/software/bind/advisories/cve-2011-1910\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910\r\n\r\nThe latest revision of this advisory is available at\r\nhttp://security.FreeBSD.org/advisories/FreeBSD-SA-11:02.bind.asc\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9\r\n\r\niEYEARECAAYFAk3gvuQACgkQFdaIBMps37L2iACgizZK4QS3rOaY0x7evMuyWIop\r\nOaoAn3Pku/9HCSUULC2xurSnGU3AtJcz\r\n=aG4/\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2011-05-30T00:00:00", "type": "securityvulns", "title": "FreeBSD Security Advisory FreeBSD-SA-11:02.bind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1910"], "modified": "2011-05-30T00:00:00", "id": "SECURITYVULNS:DOC:26430", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26430", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:41", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\nISC BIND 9 Remote packet Denial of Service against Authoritative and\r\nRecursive Servers\r\n\r\nA specially constructed packet will cause BIND 9 &#40;&quot;named&quot;&#41; to exit,\r\naffecting DNS service.\r\n\r\nCVE: CVE-2011-2464\r\n\r\nDocument Version: 2.0\r\n\r\nPosting date: 05 Jul 2011\r\n\r\nProgram Impacted: BIND\r\n\r\nVersions affected: 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1 9.7.0,\r\n9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2,\r\n9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1 9.8.0, 9.8.0-P1, 9.8.0-P2,\r\n9.8.0-P3, 9.8.1b1\r\n\r\nSeverity: High\r\n\r\nExploitable: Remotely\r\n\r\nDescription: \r\n\r\nA defect in the affected BIND 9 versions allows an attacker to remotely\r\ncause the &quot;named&quot; process to exit using a specially crafted packet. This\r\ndefect affects both recursive and authoritative servers. The code location\r\nof the defect makes it impossible to protect BIND using ACLs configured\r\nwithin named.conf or by disabling any features at compile-time or run-time.\r\n\r\nA remote attacker would need to be able to send a specially crafted packet\r\ndirectly to a server running a vulnerable version of BIND. There is also\r\nthe potential for an indirect attack via malware that is inadvertently\r\ninstalled and run, where infected machines have direct access to an\r\norganization&#39;s nameservers.\r\n\r\nCVSS Score: 7.8\r\n\r\n&#40;AV:N/AC:L/Au:N/C:N/I:N/A:C&#41;\r\n\r\nFor more information on the Common Vulnerability Scoring System and to\r\nobtain your specific environmental score please visit:\r\nhttp://nvd.nist.gov/cvss.cfm?calculator&amp;adv&amp;version=2\r\n\r\nWorkarounds: \r\n\r\nThere are no known workarounds for publicly available servers.\r\nAdministrators of servers that are not publicly available may be able to\r\nlimit exposure via firewalls and packet filters.\r\n\r\nActive exploits: \r\n\r\nISC knows of no public tools to exploit this defect at the time of this\r\nadvisory.\r\n\r\nSolution: \r\n\r\nUpgrade to: 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4.\r\n\r\nDownload these versions from the following locations:\r\n\r\nISC releases of BIND 9 software may be downloaded from\r\nhttp://www.isc.org/software/bind\r\n\r\nIf you do not obtain your BIND software directly from ISC, contact your\r\noperating system or software vendor for an update.\r\n\r\nIf you are participating in ISC&#39;s beta or release candidate &#40;RC&#41; programs,\r\nplease upgrade. ISC Beta/RC testers are expected to remove vulnerable\r\nversions and upgrade. No security advisories are issued for beta / release\r\ncandidates once the corresponding final release is made.\r\n\r\nIn addition, 9.5.3b1 and 9.5.3rc1 are affected although ISC has not\r\nreleased a final production version of 9.5.3. Note that BIND 9.5 is\r\nEnd-of-Life, therefore if you are running a pre-release version of 9.5.3 we\r\nrecommend upgrading to a supported production version of BIND.\r\n\r\n9.6-ESV-R4-P2 is not affected by any known attack vectors, but has been\r\nreplaced by 9.6-ESV-R4-P3 which carries a more complete fix\r\n\r\nOther versions of BIND 9 not listed in this advisory are not vulnerable to\r\nthis problem.\r\n\r\nAcknowledgements: \r\n\r\nISC thanks Roy Arends from Nominet for pin-pointing the exact nature of the\r\nvulnerability. We also thank Ramesh Damodaran of Infoblox for finding a\r\nvariation of the attack vector and Mats Dufberg of TeliaSonera Sweden for\r\nconfirming additional variants.\r\n\r\nDocument Revision History:\r\n\r\nVersion 1.0 - 14 June 2011: Phase One Disclosure Date\r\nVersion 1.1 - 20 June 2011: Phase Two Disclosure Date with updates.\r\nVersion 1.2 - 21 June 2011: Updates on beta, RC, and clarity editing\r\nVerison 1.3 - 21 June 2011: Sent Hold Notices to Phase I constituents,\r\nextended Acknowledgments\r\nVersion 1.4 - 23 June 2011: Updated -P versions to include Advanced\r\nSecurity Patches release to Phase I, and &quot;Upgrade to:&quot; versions\r\nVersion 1.5 - 24 June 2011: Added document URL, sent schedule update to\r\nPhase I constituents.\r\nVersion 1.6 - 28 June 2011: Updated Versions Affected, extended\r\nAcknowledgments, sent Phase I updates\r\nVersion 1.7 - 30 June 2011: Updated attribution text.\r\nVersion 1.8 - 4 July 2011: Phase Three and Four Disclosure Date\r\nversion 2.0 - 5 July 2011: Public Disclosure\r\n\r\nDo you have Questions? Questions regarding this advisory should go to\r\nsecurity-officer@isc.org.\r\n\r\nDo you need Software Support? Questions on ISC&#39;s Support services or other\r\nofferings should be sent to sales@isc.org. More information on ISC&#39;s\r\nsupport and other offerings are available at:\r\nhttp://www.isc.org/community/blog/201102/BIND-support\r\n\r\nISC Security Vulnerability Disclosure Policy: Details of our current\r\nsecurity advisory policy and practice can be found here:\r\nhttps://www.isc.org/security-vulnerability-disclosure-policy\r\n\r\n\r\n\r\nLegal Disclaimer:: \r\n\r\nInternet Systems Consortium &#40;ISC&#41; is providing this notice on an &am