Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-2275)
2020-01-23T00:00:00
ID OPENVAS:1361412562311220192275 Type openvas Reporter Copyright (C) 2020 Greenbone Networks GmbH Modified 2020-01-23T00:00:00
Description
The remote host is missing an update for the Huawei EulerOS
# Copyright (C) 2020 Greenbone Networks GmbH
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (C) the respective author(s)
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.2.2019.2275");
script_version("2020-01-23T12:45:01+0000");
script_cve_id("CVE-2018-5744");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"last_modification", value:"2020-01-23 12:45:01 +0000 (Thu, 23 Jan 2020)");
script_tag(name:"creation_date", value:"2020-01-23 12:45:01 +0000 (Thu, 23 Jan 2020)");
script_name("Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-2275)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
script_family("Huawei EulerOS Local Security Checks");
script_dependencies("gb_huawei_euleros_consolidation.nasl");
script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS-2\.0SP8");
script_xref(name:"EulerOS-SA", value:"2019-2275");
script_xref(name:"URL", value:"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2275");
script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS
'bind' package(s) announced via the EulerOS-SA-2019-2275 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 of the 9.13 development branch are also affected.(CVE-2018-5744)");
script_tag(name:"affected", value:"'bind' package(s) on Huawei EulerOS V2.0SP8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "EULEROS-2.0SP8") {
if(!isnull(res = isrpmvuln(pkg:"bind", rpm:"bind~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-chroot", rpm:"bind-chroot~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-export-devel", rpm:"bind-export-devel~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-export-libs", rpm:"bind-export-libs~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-libs-lite", rpm:"bind-libs-lite~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-license", rpm:"bind-license~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-pkcs11", rpm:"bind-pkcs11~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-pkcs11-libs", rpm:"bind-pkcs11-libs~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-pkcs11-utils", rpm:"bind-pkcs11-utils~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"python3-bind", rpm:"python3-bind~9.11.4~10.P2.h14.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
{"id": "OPENVAS:1361412562311220192275", "type": "openvas", "bulletinFamily": "scanner", "title": "Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-2275)", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "published": "2020-01-23T00:00:00", "modified": "2020-01-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192275", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["2019-2275", "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2275"], "cvelist": ["CVE-2018-5744"], "lastseen": "2020-01-27T18:36:36", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-5744", "CVE-2019-2275"]}, {"type": "f5", "idList": ["F5:K00040234"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL00040234.NASL", "UBUNTU_USN-3893-1.NASL", "FEDORA_2019-5396A60397.NASL", "EULEROS_SA-2020-1047.NASL", "EULEROS_SA-2019-2275.NASL", "BIND9_CVE-2018-5744.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843913", "OPENVAS:1361412562310876114", "OPENVAS:1361412562310142033", "OPENVAS:1361412562310142034", "OPENVAS:1361412562311220201047"]}, {"type": "ubuntu", "idList": ["USN-3893-1"]}], "modified": "2020-01-27T18:36:36", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2020-01-27T18:36:36", "rev": 2}, "vulnersScore": 6.1}, "pluginID": "1361412562311220192275", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2275\");\n script_version(\"2020-01-23T12:45:01+0000\");\n script_cve_id(\"CVE-2018-5744\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:45:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:45:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-2275)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2275\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2275\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bind' package(s) announced via the EulerOS-SA-2019-2275 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 of the 9.13 development branch are also affected.(CVE-2018-5744)\");\n\n script_tag(name:\"affected\", value:\"'bind' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-export-devel\", rpm:\"bind-export-devel~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-export-libs\", rpm:\"bind-export-libs~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-lite\", rpm:\"bind-libs-lite~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-license\", rpm:\"bind-license~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-pkcs11\", rpm:\"bind-pkcs11~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-pkcs11-libs\", rpm:\"bind-pkcs11-libs~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-pkcs11-utils\", rpm:\"bind-pkcs11-utils~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-bind\", rpm:\"python3-bind~9.11.4~10.P2.h14.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "naslFamily": "Huawei EulerOS Local Security Checks"}
{"cve": [{"lastseen": "2020-12-09T20:25:44", "description": "A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-10-09T16:15:00", "title": "CVE-2018-5744", "type": "cve", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5744"], "modified": "2019-11-05T16:58:00", "cpe": ["cpe:/a:isc:bind:9.10.7", "cpe:/a:isc:bind:9.11.5", "cpe:/a:isc:bind:9.10.8", "cpe:/a:isc:bind:9.12.3"], "id": "CVE-2018-5744", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5744", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.12.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.8:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.5:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*", "cpe:2.3:a:isc:bind:9.11.5:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*", "cpe:2.3:a:isc:bind:9.12.3:-:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.8:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.3:p1:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:39:32", "bulletinFamily": "software", "cvelist": ["CVE-2018-5744"], "description": "\nF5 Product Development has assigned ID 757025 (BIG-IP) to this vulnerability. Additionally, [F5 iHealth](<https://www.f5.com/services/support/support-offerings/big-ip-ihealth-diagnostic-tool>) may list Heuristic H00040234 on the **Diagnostics** > **Identified** > **High** page.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | None | 15.0.0 | High | [7.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H>) | **named** \n14.x | 14.1.0 \n14.0.0.3 - 14.0.0.4 | 14.1.0.2 \n13.x | 13.1.1.4 | 13.1.1.5 \n12.x | 12.1.4 | 12.1.4.1 \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable2 | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable2 | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable2 | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n4.x | None | Not applicable \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n2The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM systems (11.4.x and later)](<https://support.f5.com/csp/article/K48955220>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2019-11-01T20:27:00", "published": "2019-02-22T10:40:00", "id": "F5:K00040234", "href": "https://support.f5.com/csp/article/K00040234", "title": "BIND vulnerability CVE-2018-5744", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-01T01:21:56", "description": "According to its self-reported version, the instance of ISC BIND 9\nrunning on the remote name server is less than 9.11.5-P4 / 9.11.5-S5 \n/ 9.12.3-P4 / 9.13.7. It is, therefore, affected by a denial of\nservice vulnerability.\n\n - A memory leak vulnerability exists for named's memory use. An\n unauthenticated, remote attacker can cause named's memory use to\n grow without bounds until all memory available to the process is\n exhausted. (CVE-2018-5744)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 20, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-01T00:00:00", "title": "ISC BIND Memory Leak DoS Vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5744"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_CVE-2018-5744.NASL", "href": "https://www.tenable.com/plugins/nessus/122505", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122505);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\"CVE-2018-5744\");\n script_bugtraq_id(107125);\n\n script_name(english:\"ISC BIND Memory Leak DoS Vulnerability\");\n script_summary(english:\"Checks the version of BIND.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by a Memory Leak DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of ISC BIND 9\nrunning on the remote name server is less than 9.11.5-P4 / 9.11.5-S5 \n/ 9.12.3-P4 / 9.13.7. It is, therefore, affected by a denial of\nservice vulnerability.\n\n - A memory leak vulnerability exists for named's memory use. An\n unauthenticated, remote attacker can cause named's memory use to\n grow without bounds until all memory available to the process is\n exhausted. (CVE-2018-5744)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.isc.org/docs/cve-2018-5744\");\n # https://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11.5-P4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?819e1b27\");\n # https://ftp.isc.org/isc/bind9/9.12.3-P4/RELEASE-NOTES-bind-9.12.3-P4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce21c14e\");\n # https://ftp.isc.org/isc/bind9/9.13.7/RELEASE-NOTES-bind-9.13.7.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d3f49be7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to ISC BIND version 9.11.5-P4 / 9.12.3-P4 / 9.13.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5744\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID); # patch can be applied\n\nvcf::bind::initialize();\n\napp_info = vcf::get_app_info(app:\"BIND\", port:53, kb_ver:\"bind/version\", service:TRUE, proto:\"UDP\");\n\nconstraints = [\n { \"min_version\" : \"9.10.7\", \"max_version\" : \"9.10.8-P1\", \"fixed_version\":\"9.11.5-P4\" },\n { \"min_version\" : \"9.11.3\", \"max_version\": \"9.11.5-P1\", \"fixed_version\" : \"9.11.5-P4\"},\n { \"min_version\" : \"9.12.0\", \"max_version\": \"9.12.3-P1\", \"fixed_version\" : \"9.12.3-P4\"},\n { \"min_version\" : \"9.9.3-S1\", \"max_version\" : \"9.11.5-S3\", \"fixed_version\":\"9.11.5-S5\" },\n { \"min_version\" : \"9.13.0\", \"max_version\" : \"9.13.6\", \"fixed_version\" : \"9.13.7\" }\n];\n\nconstraints = vcf::bind::filter_constraints(constraints:constraints, version:app_info.version);\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T02:23:29", "description": "More details are in [upstream release\nnotes](https://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11\n.5-P4.html). Disabled autodetected support of ED448, it does not work.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 19, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-02-26T00:00:00", "title": "Fedora 29 : 32:bind (2019-5396a60397)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5744"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:29", "p-cpe:/a:fedoraproject:fedora:32:bind"], "id": "FEDORA_2019-5396A60397.NASL", "href": "https://www.tenable.com/plugins/nessus/122438", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-5396a60397.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122438);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/07\");\n\n script_cve_id(\"CVE-2018-5744\");\n script_xref(name:\"FEDORA\", value:\"2019-5396a60397\");\n\n script_name(english:\"Fedora 29 : 32:bind (2019-5396a60397)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"More details are in [upstream release\nnotes](https://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11\n.5-P4.html). Disabled autodetected support of ED448, it does not work.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-5396a60397\"\n );\n # https://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11.5-P4.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?819e1b27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 32:bind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:32:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"bind-9.11.5-4.P4.fc29\", epoch:\"32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"32:bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:00:08", "description": "According to the version of the bind packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A failure to free memory can occur when processing\n messages having a specific combination of EDNS options.\n Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3\n -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions\n 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview\n Edition. Versions 9.13.0 -> 9.13.6 of the 9.13\n development branch are also affected.(CVE-2018-5744)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 8, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-11-27T00:00:00", "title": "EulerOS 2.0 SP8 : bind (EulerOS-SA-2019-2275)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5744"], "modified": "2019-11-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python3-bind", "p-cpe:/a:huawei:euleros:bind-libs", "p-cpe:/a:huawei:euleros:bind-export-devel", "p-cpe:/a:huawei:euleros:bind-utils", "p-cpe:/a:huawei:euleros:bind-pkcs11", "p-cpe:/a:huawei:euleros:bind-pkcs11-libs", "p-cpe:/a:huawei:euleros:bind-export-libs", "p-cpe:/a:huawei:euleros:bind-libs-lite", "p-cpe:/a:huawei:euleros:bind-pkcs11-utils", "p-cpe:/a:huawei:euleros:bind-license", "p-cpe:/a:huawei:euleros:bind", "cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:bind-chroot"], "id": "EULEROS_SA-2019-2275.NASL", "href": "https://www.tenable.com/plugins/nessus/131341", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131341);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-5744\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : bind (EulerOS-SA-2019-2275)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the bind packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A failure to free memory can occur when processing\n messages having a specific combination of EDNS options.\n Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3\n -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions\n 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview\n Edition. Versions 9.13.0 -> 9.13.6 of the 9.13\n development branch are also affected.(CVE-2018-5744)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2275\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?83ce6704\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-pkcs11-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bind-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-chroot-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-export-devel-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-export-libs-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-libs-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-libs-lite-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-license-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-pkcs11-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-pkcs11-libs-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-pkcs11-utils-9.11.4-10.P2.h14.eulerosv2r8\",\n \"bind-utils-9.11.4-10.P2.h14.eulerosv2r8\",\n \"python3-bind-9.11.4-10.P2.h14.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:19:50", "description": "A failure to free memory can occur when processing messages having a\nspecific combination of EDNS options. Versions affected are: BIND\n9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and\nversions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition.\nVersions 9.13.0 -> 9.13.6 of the 9.13 development branch are also\naffected. (CVE-2018-5744)\n\nImpact\n\nBIG-IP\n\nAttacker can exploit this vulnerability to cause memory exhaustion on\nthe affected system.\n\nBIG-IQ, F5 iWorkflow, Enterprise Manager, and Traffix SDC\n\nThere is no impact for these F5 products; theyare not affected by this\nvulnerability.", "edition": 9, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-04T00:00:00", "title": "F5 Networks BIG-IP : BIND vulnerability (K00040234)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5744"], "modified": "2019-03-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL00040234.NASL", "href": "https://www.tenable.com/plugins/nessus/122552", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K00040234.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122552);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/09\");\n\n script_cve_id(\"CVE-2018-5744\");\n\n script_name(english:\"F5 Networks BIG-IP : BIND vulnerability (K00040234)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A failure to free memory can occur when processing messages having a\nspecific combination of EDNS options. Versions affected are: BIND\n9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and\nversions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition.\nVersions 9.13.0 -> 9.13.6 of the 9.13 development branch are also\naffected. (CVE-2018-5744)\n\nImpact\n\nBIG-IP\n\nAttacker can exploit this vulnerability to cause memory exhaustion on\nthe affected system.\n\nBIG-IQ, F5 iWorkflow, Enterprise Manager, and Traffix SDC\n\nThere is no impact for these F5 products; theyare not affected by this\nvulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K00040234\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K00040234.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K00040234\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"14.1.0\",\"14.0.0.3-14.0.0.4\",\"13.1.1.4\",\"12.1.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.0.2\",\"13.1.1.5\",\"12.1.4.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:01:54", "description": "According to the versions of the bind packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - A race condition leading to denial of service was found\n in the way bind handled certain malformed packets. A\n remote attacker who could cause the bind resolver to\n perform queries on a server, which responds\n deliberately with malformed answers, could cause named\n to exit.(CVE-2019-6471)\n\n - A failure to free memory can occur when processing\n messages having a specific combination of EDNS options.\n Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3\n -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions\n 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview\n Edition. Versions 9.13.0 -> 9.13.6 of the 9.13\n development branch are also affected.(CVE-2018-5744)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-01-13T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.5.0 : bind (EulerOS-SA-2020-1047)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6471", "CVE-2018-5744"], "modified": "2020-01-13T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.5.0", "p-cpe:/a:huawei:euleros:python3-bind", "p-cpe:/a:huawei:euleros:bind-libs", "p-cpe:/a:huawei:euleros:bind-utils", "p-cpe:/a:huawei:euleros:bind-export-libs", "p-cpe:/a:huawei:euleros:bind-libs-lite", "p-cpe:/a:huawei:euleros:bind-license"], "id": "EULEROS_SA-2020-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/132801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132801);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-5744\",\n \"CVE-2019-6471\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.5.0 : bind (EulerOS-SA-2020-1047)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the bind packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - A race condition leading to denial of service was found\n in the way bind handled certain malformed packets. A\n remote attacker who could cause the bind resolver to\n perform queries on a server, which responds\n deliberately with malformed answers, could cause named\n to exit.(CVE-2019-6471)\n\n - A failure to free memory can occur when processing\n messages having a specific combination of EDNS options.\n Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3\n -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions\n 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview\n Edition. Versions 9.13.0 -> 9.13.6 of the 9.13\n development branch are also affected.(CVE-2018-5744)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1047\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d7d7f010\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-export-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bind-export-libs-9.11.4-10.P2.h16.eulerosv2r8\",\n \"bind-libs-9.11.4-10.P2.h16.eulerosv2r8\",\n \"bind-libs-lite-9.11.4-10.P2.h16.eulerosv2r8\",\n \"bind-license-9.11.4-10.P2.h16.eulerosv2r8\",\n \"bind-utils-9.11.4-10.P2.h16.eulerosv2r8\",\n \"python3-bind-9.11.4-10.P2.h16.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-18T10:58:38", "description": "Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A\nremote attacker could possibly use this issue to cause Bind to consume\nresources, leading to a denial of service. This issue only affected\nUbuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-5744)\n\nIt was discovered that Bind incorrectly handled certain trust anchors\nwhen used with the 'managed-keys' feature. A remote attacker could\npossibly use this issue to cause Bind to crash, resulting in a denial\nof service. (CVE-2018-5745)\n\nIt was discovered that Bind incorrectly handled certain controls for\nzone transfers, contrary to expectations. (CVE-2019-6465).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2019-02-22T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Bind vulnerabilities (USN-3893-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5745", "CVE-2018-5744", "CVE-2019-6465"], "modified": "2019-02-22T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:bind9", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3893-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122399", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3893-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122399);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-5744\", \"CVE-2018-5745\", \"CVE-2019-6465\");\n script_xref(name:\"USN\", value:\"3893-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Bind vulnerabilities (USN-3893-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A\nremote attacker could possibly use this issue to cause Bind to consume\nresources, leading to a denial of service. This issue only affected\nUbuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-5744)\n\nIt was discovered that Bind incorrectly handled certain trust anchors\nwhen used with the 'managed-keys' feature. A remote attacker could\npossibly use this issue to cause Bind to crash, resulting in a denial\nof service. (CVE-2018-5745)\n\nIt was discovered that Bind incorrectly handled certain controls for\nzone transfers, contrary to expectations. (CVE-2019-6465).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3893-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind9 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6465\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"bind9\", pkgver:\"1:9.9.5.dfsg-3ubuntu0.19\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"bind9\", pkgver:\"1:9.10.3.dfsg.P4-8ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"bind9\", pkgver:\"1:9.11.3+dfsg-1ubuntu1.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"bind9\", pkgver:\"1:9.11.4+dfsg-3ubuntu5.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind9\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2020-01-27T18:34:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6471", "CVE-2018-5744"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201047", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2020-1047)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1047\");\n script_version(\"2020-01-23T13:18:05+0000\");\n script_cve_id(\"CVE-2018-5744\", \"CVE-2019-6471\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:18:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:18:05 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2020-1047)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1047\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1047\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bind' package(s) announced via the EulerOS-SA-2020-1047 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A race condition leading to denial of service was found in the way bind handled certain malformed packets. A remote attacker who could cause the bind resolver to perform queries on a server, which responds deliberately with malformed answers, could cause named to exit.(CVE-2019-6471)\n\nA failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 of the 9.13 development branch are also affected.(CVE-2018-5744)\");\n\n script_tag(name:\"affected\", value:\"'bind' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-export-libs\", rpm:\"bind-export-libs~9.11.4~10.P2.h16.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.11.4~10.P2.h16.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-lite\", rpm:\"bind-libs-lite~9.11.4~10.P2.h16.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-license\", rpm:\"bind-license~9.11.4~10.P2.h16.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.11.4~10.P2.h16.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-bind\", rpm:\"python3-bind~9.11.4~10.P2.h16.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-08T14:18:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5745", "CVE-2018-5744", "CVE-2019-6465"], "description": "The remote host is missing an update for the ", "modified": "2019-11-08T00:00:00", "published": "2019-02-23T00:00:00", "id": "OPENVAS:1361412562310843913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843913", "type": "openvas", "title": "Ubuntu Update for bind9 USN-3893-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843913\");\n script_version(\"2019-11-08T08:01:14+0000\");\n script_cve_id(\"CVE-2018-5744\", \"CVE-2018-5745\", \"CVE-2019-6465\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-11-08 08:01:14 +0000 (Fri, 08 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-23 04:07:11 +0100 (Sat, 23 Feb 2019)\");\n script_name(\"Ubuntu Update for bind9 USN-3893-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3893-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3893-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind9'\n package(s) announced via the USN-3893-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A\nremote attacker could possibly use this issue to cause Bind to consume\nresources, leading to a denial of service. This issue only affected Ubuntu\n18.04 LTS and Ubuntu 18.10. (CVE-2018-5744)\n\nIt was discovered that Bind incorrectly handled certain trust anchors when\nused with the 'managed-keys' feature. A remote attacker could possibly use\nthis issue to cause Bind to crash, resulting in a denial of service.\n(CVE-2018-5745)\n\nIt was discovered that Bind incorrectly handled certain controls for zone\ntransfers, contrary to expectations. (CVE-2019-6465)\");\n\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-3ubuntu0.19\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.11.3+dfsg-1ubuntu1.5\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.11.4+dfsg-3ubuntu5.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.10.3.dfsg.P4-8ubuntu1.12\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-11T18:47:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5745", "CVE-2018-5744", "CVE-2019-6465"], "description": "ISC BIND is prone to multiple vulnerabilities.", "modified": "2019-12-10T00:00:00", "published": "2019-02-25T00:00:00", "id": "OPENVAS:1361412562310142034", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142034", "type": "openvas", "title": "ISC BIND Multiple Vulnerabilities - Feb19 (Windows)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:isc:bind\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142034\");\n script_version(\"2019-12-10T15:03:15+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-10 15:03:15 +0000 (Tue, 10 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-25 08:35:13 +0700 (Mon, 25 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-5744\", \"CVE-2018-5745\", \"CVE-2019-6465\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"ISC BIND Multiple Vulnerabilities - Feb19 (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"bind_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"isc/bind/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"ISC BIND is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"ISC BIND is prone to multiple vulnerabilities:\n\n - A specially crafted packet can cause named to leak memory (CVE-2018-5744)\n\n - An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using\n managed-keys (CVE-2018-5745)\n\n - Zone transfer controls for writable DLZ zones were not effective (CVE-2019-6465)\");\n\n script_tag(name:\"affected\", value:\"ISC BIND versions 9.9.0-9.10.8-P1, 9.11.0-9.11.5-P2, 9.12.0-9.12.3-P2 and\n 9.9.3-S1-9.11.5-S3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.11.5-S5, 9.11.5-P4, 9.12.3-P4 or later.\");\n\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/cve-2018-5744\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/cve-2018-5745\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/cve-2019-6465\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_proto(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif (version !~ \"^9\\.\")\n exit(99);\n\nif (version =~ \"^9\\.(9|10)\\.[0-9]s[0-9]\") {\n if (version_in_range(version: version, test_version: \"9.9.3s1\", test_version2: \"9.11.5s3\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.11.5-S5\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n} else {\n if (version_in_range(version: version, test_version: \"9.9.0\", test_version2: \"9.10.8p1\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.11.5-P4\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n\n if (version_in_range(version: version, test_version: \"9.11.0\", test_version2: \"9.11.5p2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.11.5-P4\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n\n if (version_in_range(version: version, test_version: \"9.12.0\", test_version2: \"9.12.3p2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.12.3-P4\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-08T14:16:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5745", "CVE-2018-5744", "CVE-2019-6465"], "description": "The remote host is missing an update for the ", "modified": "2019-11-08T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876114", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876114", "type": "openvas", "title": "Fedora Update for bind FEDORA-2019-5396a60397", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876114\");\n script_version(\"2019-11-08T08:01:14+0000\");\n script_cve_id(\"CVE-2018-5744\", \"CVE-2018-5745\", \"CVE-2019-6465\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-11-08 08:01:14 +0000 (Fri, 08 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:35:07 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for bind FEDORA-2019-5396a60397\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-5396a60397\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEZLATNJNUFTRVVXK4R7WYFKZQIRAIRC\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the FEDORA-2019-5396a60397 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n(Domain Name System) protocols. BIND includes a DNS server (named),\nwhich resolves host names to IP addresses, a resolver library\n(routines for applications to use when interfacing with DNS), and\ntools for verifying that the DNS server is operating properly.\");\n\n script_tag(name:\"affected\", value:\"'bind' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.11.5~4.P4.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-11T18:47:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5745", "CVE-2018-5744", "CVE-2019-6465"], "description": "ISC BIND is prone to multiple vulnerabilities.", "modified": "2019-12-10T00:00:00", "published": "2019-02-25T00:00:00", "id": "OPENVAS:1361412562310142033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142033", "type": "openvas", "title": "ISC BIND Multiple Vulnerabilities - Feb19 (Linux)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:isc:bind\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142033\");\n script_version(\"2019-12-10T15:03:15+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-10 15:03:15 +0000 (Tue, 10 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-25 08:18:00 +0700 (Mon, 25 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-5744\", \"CVE-2018-5745\", \"CVE-2019-6465\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"ISC BIND Multiple Vulnerabilities - Feb19 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"bind_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"isc/bind/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"ISC BIND is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"ISC BIND is prone to multiple vulnerabilities:\n\n - A specially crafted packet can cause named to leak memory (CVE-2018-5744)\n\n - An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using\n managed-keys (CVE-2018-5745)\n\n - Zone transfer controls for writable DLZ zones were not effective (CVE-2019-6465)\");\n\n script_tag(name:\"affected\", value:\"ISC BIND versions 9.9.0-9.10.8-P1, 9.11.0-9.11.5-P2, 9.12.0-9.12.3-P2 and\n 9.9.3-S1-9.11.5-S3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.11.5-S5, 9.11.5-P4, 9.12.3-P4 or later.\");\n\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/cve-2018-5744\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/cve-2018-5745\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/cve-2019-6465\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_proto(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif (version !~ \"^9\\.\")\n exit(99);\n\nif (version =~ \"^9\\.(9|10)\\.[0-9]s[0-9]\") {\n if (version_in_range(version: version, test_version: \"9.9.3s1\", test_version2: \"9.11.5s3\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.11.5-S5\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n} else {\n if (version_in_range(version: version, test_version: \"9.9.0\", test_version2: \"9.10.8p1\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.11.5-P4\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n\n if (version_in_range(version: version, test_version: \"9.11.0\", test_version2: \"9.11.5p2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.11.5-P4\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n\n if (version_in_range(version: version, test_version: \"9.12.0\", test_version2: \"9.12.3p2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.12.3-P4\");\n security_message(port: port, data: report, proto: proto);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:40", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5744", "CVE-2018-5745", "CVE-2019-6465"], "description": "Arch Linux Security Advisory ASA-201902-25\n==========================================\n\nSeverity: High\nDate : 2019-02-25\nCVE-ID : CVE-2018-5744 CVE-2018-5745 CVE-2019-6465\nPackage : bind\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-915\n\nSummary\n=======\n\nThe package bind before version 9.13.7-1 is vulnerable to multiple\nissues including denial of service and access restriction bypass.\n\nResolution\n==========\n\nUpgrade to 9.13.7-1.\n\n# pacman -Syu \"bind>=9.13.7-1\"\n\nThe problems have been fixed upstream in version 9.13.7.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-5744 (denial of service)\n\nA failure to free memory can occur when processing messages having a\nspecific combination of EDNS options has been found in bind before\n9.13.7. By exploiting this condition, an attacker can potentially cause\nnamed's memory use to grow without bounds until all memory available to\nthe process is exhausted. Typically a server process is limited as to\nthe amount of memory it can use but if the named process is not limited\nby the operating system all free memory on the server could be\nexhausted.\n\n- CVE-2018-5745 (denial of service)\n\n\"managed-keys\" is a feature which allows a BIND resolver to\nautomatically maintain the keys used by trust anchors which operators\nconfigure for use in DNSSEC validation. Before 9.13.7, due to an error\nin the managed-keys feature, it is possible for a BIND server which\nuses managed-keys to exit due to an assertion failure if, during key\nrollover, a trust anchor's keys are replaced with keys which use an\nunsupported algorithm.\n\n- CVE-2019-6465 (access restriction bypass)\n\nControls for zone transfers may not be properly applied to Dynamically\nLoadable Zones (DLZs) if the zones are writable in bind before 9.13.7.\nA client exercising this defect can request and receive a zone transfer\nof a DLZ even when not permitted to do so by the allow-transfer ACL.\n\nImpact\n======\n\nA remote user can bypass the allow-transfer ACL to access sensitive\ninformation in a DLZ, or crash the server.\n\nReferences\n==========\n\nhttps://kb.isc.org/docs/cve-2018-5744\nhttps://kb.isc.org/docs/cve-2018-5745\nhttps://kb.isc.org/docs/cve-2019-6465\nhttps://security.archlinux.org/CVE-2018-5744\nhttps://security.archlinux.org/CVE-2018-5745\nhttps://security.archlinux.org/CVE-2019-6465", "modified": "2019-02-25T00:00:00", "published": "2019-02-25T00:00:00", "id": "ASA-201902-25", "href": "https://security.archlinux.org/ASA-201902-25", "type": "archlinux", "title": "[ASA-201902-25] bind: multiple issues", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:16", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5745", "CVE-2018-5744", "CVE-2019-6465"], "description": "Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A \nremote attacker could possibly use this issue to cause Bind to consume \nresources, leading to a denial of service. This issue only affected Ubuntu \n18.04 LTS and Ubuntu 18.10. (CVE-2018-5744)\n\nIt was discovered that Bind incorrectly handled certain trust anchors when \nused with the \"managed-keys\" feature. A remote attacker could possibly use \nthis issue to cause Bind to crash, resulting in a denial of service. \n(CVE-2018-5745)\n\nIt was discovered that Bind incorrectly handled certain controls for zone \ntransfers, contrary to expectations. (CVE-2019-6465)", "edition": 4, "modified": "2019-02-22T00:00:00", "published": "2019-02-22T00:00:00", "id": "USN-3893-1", "href": "https://ubuntu.com/security/notices/USN-3893-1", "title": "Bind vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cisa": [{"lastseen": "2020-12-18T18:07:03", "bulletinFamily": "info", "cvelist": ["CVE-2018-5744", "CVE-2018-5745", "CVE-2019-6465"], "description": "The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to cause a denial-of-service condition.\n\nThe Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisories for [CVE-2018-5744](<https://kb.isc.org/docs/cve-2018-5744>), [CVE-2018-5745](<https://kb.isc.org/docs/cve-2018-5745>), and [CVE-2019-6465](<https://kb.isc.org/docs/cve-2019-6465>), and apply the necessary updates.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://surveymonkey.com/r/G8STDRY?product=https://us-cert.cisa.gov/ncas/current-activity/2019/02/22/ISC-Releases-Security-Updates-BIND>); we'd welcome your feedback.\n", "modified": "2019-02-22T00:00:00", "published": "2019-02-22T00:00:00", "id": "CISA:B6D550D7E68F298152BD6F14CCBAF6B2", "href": "https://us-cert.cisa.gov/ncas/current-activity/2019/02/22/ISC-Releases-Security-Updates-BIND", "type": "cisa", "title": "ISC Releases Security Updates for BIND", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5744", "CVE-2018-5745", "CVE-2019-6465"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2019-02-26T03:08:57", "published": "2019-02-26T03:08:57", "id": "FEDORA:6EF18603E859", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: bind-9.11.5-4.P4.fc29", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}
