Lucene search
Copyright (c) 2010 Greenbone Networks GmbHOPENVAS:840545HistoryDec 09, 2010 - 12:00 a.m.
Ubuntu Update for bind9 vulnerabilities USN-1025-1
2010-12-0900:00:00
Copyright (c) 2010 Greenbone Networks GmbH
plugins.openvas.org
8
0.023 Low
EPSS
Percentile
88.6%
Ubuntu Update for Linux kernel vulnerabilities USN-1025-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1025_1.nasl 7965 2017-12-01 07:38:25Z santu $
#
# Ubuntu Update for bind9 vulnerabilities USN-1025-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "It was discovered that Bind would incorrectly allow a ncache entry and a
rrsig for the same type. A remote attacker could exploit this to cause
Bind to crash, resulting in a denial of service. (CVE-2010-3613)
It was discovered that Bind would incorrectly mark zone data as insecure
when the zone is undergoing a key algorithm rollover. (CVE-2010-3614)";
tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-1025-1";
tag_affected = "bind9 vulnerabilities on Ubuntu 6.06 LTS ,
Ubuntu 8.04 LTS ,
Ubuntu 9.10 ,
Ubuntu 10.04 LTS ,
Ubuntu 10.10";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-1025-1/");
script_id(840545);
script_version("$Revision: 7965 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
script_xref(name: "USN", value: "1025-1");
script_cve_id("CVE-2010-3613", "CVE-2010-3614");
script_name("Ubuntu Update for bind9 vulnerabilities USN-1025-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU9.10")
{
if ((res = isdpkgvuln(pkg:"bind9-host", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9utils", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dnsutils", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind-dev", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind9-50", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns50", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns53", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisc50", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccc50", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccfg50", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"liblwres50", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"lwresd", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9-doc", ver:"9.6.1.dfsg.P1-3ubuntu0.4", rls:"UBUNTU9.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU6.06 LTS")
{
if ((res = isdpkgvuln(pkg:"bind9-host", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dnsutils", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind-dev", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind9-0", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns21", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns23", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisc11", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccc0", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccfg1", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"liblwres9", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"lwresd", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9-doc", ver:"9.3.2-2ubuntu1.12", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU10.04 LTS")
{
if ((res = isdpkgvuln(pkg:"bind9-host", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9utils", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dnsutils", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind-dev", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind9-60", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns64", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisc60", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccc60", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccfg60", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"liblwres60", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"lwresd", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9-doc", ver:"9.7.0.dfsg.P1-1ubuntu0.1", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU8.04 LTS")
{
if ((res = isdpkgvuln(pkg:"bind9-host", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dnsutils", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind-dev", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind9-30", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns35", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns36", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisc35", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccc30", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccfg30", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"liblwres30", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"lwresd", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9-doc", ver:"9.4.2.dfsg.P2-2ubuntu0.6", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU10.10")
{
if ((res = isdpkgvuln(pkg:"bind9-host", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9utils", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dnsutils", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind-dev", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libbind9-60", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libdns66", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisc60", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccc60", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"libisccfg60", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"liblwres60", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"lwresd", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"bind9-doc", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"host", ver:"9.7.1.dfsg.P2-2ubuntu0.1", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
References
Related
nessus
nessus
AIX 5.3 TL 12 : bind9 (IZ99391)
2013-01-24 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13
2010-12-07 20:10:13
[SECURITY] Fedora 13 Update: dnsperf-1.0.1.0-19.fc13
2010-12-07 20:10:14
[SECURITY] Fedora 14 Update: bind-9.7.2-4.P3.fc14
2010-12-08 21:39:24
openvas
openvas
Fedora Update for bind-dyndb-ldap FEDORA-2010-18521
2010-12-23 00:00:00
Fedora Update for dnsperf FEDORA-2010-18521
2010-12-23 00:00:00
Fedora Update for bind-dyndb-ldap FEDORA-2010-18521
2010-12-23 00:00:00
securityvulns
securityvulns
bind named DNS server vulnerabilities
2010-12-06 00:00:00
[USN-1025-1] Bind vulnerabilities
2010-12-06 00:00:00
ubuntu
ubuntu
Bind vulnerabilities
2010-12-01 00:00:00
redhat
redhat
(RHSA-2010:0975) Important: bind security update
2010-12-13 00:00:00
(RHSA-2010:0976) Important: bind security update
2010-12-13 00:00:00
(RHSA-2010:1000) Important: bind security update
2010-12-20 00:00:00
oraclelinux
oraclelinux
bind security update
2011-02-10 00:00:00
bind security update
2010-12-13 00:00:00
bind security update
2010-12-20 00:00:00
debian
debian
[SECURITY] [DSA-2130-1] New BIND packages fix denial of service
2010-12-10 20:27:48
slackware
slackware
[slackware-security] bind
2010-12-16 21:45:59
cisa
cisa
Internet Systems Consortium BIND Vulnerabilities
2010-12-02 00:00:00
centos
centos
bind, caching security update
2010-12-14 01:18:10
bind security update
2011-01-27 09:19:06
osv
osv
bind9 - denial of service
2010-12-10 00:00:00
f5
f5
K12567 : BIND vulnerability CVE-2010-3614
2013-07-03 00:00:00
SOL12567 - BIND vulnerability CVE-2010-3614
2011-01-27 00:00:00
K12851 : BIND vulnerability CVE-2010-3613
2013-09-11 00:00:00
veracode
veracode
Authorization Bypass
2020-04-10 00:51:03
Denial Of Service (DoS)
2020-04-10 00:51:03
debiancve
debiancve
CVE-2010-3614
2010-12-06 13:44:00
CVE-2010-3613
2010-12-06 13:44:00
prion
prion
Input validation
2010-12-06 13:44:00
Design/Logic Flaw
2010-12-06 13:44:00
cve
cve
CVE-2010-3614
2010-12-06 13:44:00
CVE-2010-3613
2010-12-06 13:44:00
cert
cert
ISC BIND named validator vulnerability
2010-12-01 00:00:00
ISC BIND cache vulnerability
2010-12-01 00:00:00
ISC BIND named allow-query vulnerability
2010-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2010-3614
2010-12-01 00:00:00
CVE-2010-3613
2010-12-01 00:00:00
vmware
vmware
gentoo
gentoo
BIND: Multiple vulnerabilities
2012-06-02 00:00:00