Lucene search
RedHat Update for bind97 RHSA-2013:0690-01
ποΈΒ 02 Apr 2013Β 00:00:00Reported byΒ Copyright (c) 2013 Greenbone Networks GmbHTypeΒ 
Β openvasπΒ plugins.openvas.orgπΒ 32Β Views
RedHat Update for bind97 RHSA-2013:0690-01 - Update for BIND97 to address denial of service vulnerability
Show more
| Reporter | Title | Published | Views | Family All 112 |
|---|---|---|---|---|
 | CentOS 5 : bind97 (CESA-2013:0690) | 29 Mar 201300:00 | β | nessus |
| Fedora 17 : bind-9.9.2-7.P2.fc17 (2013-4533) | 8 Apr 201300:00 | β | nessus |
| openSUSE Security Update : dhcp (openSUSE-SU-2013:0619-1) | 13 Jun 201400:00 | β | nessus |
| SuSE 11.2 Security Update : dhcp (SAT Patch Number 7571) | 18 Apr 201300:00 | β | nessus |
| Oracle Linux 5 : bind97 (ELSA-2013-0690) | 12 Jul 201300:00 | β | nessus |
| Debian DSA-2656-1 : bind9 - denial of service | 1 Apr 201300:00 | β | nessus |
| Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20130328) | 1 Apr 201300:00 | β | nessus |
| Mandriva Linux Security Advisory : bind (MDVSA-2013:058) | 20 Apr 201300:00 | β | nessus |
| Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : dhcp (SSA:2013-086-02) | 28 Mar 201300:00 | β | nessus |
| openSUSE Security Update : dhcp (openSUSE-SU-2013:0620-1) | 13 Jun 201400:00 | β | nessus |
10
| Source | Link |
|---|---|
| redhat | www.redhat.com/archives/rhsa-announce/2013-March/msg00075.html |
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for bind97 RHSA-2013:0690-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server (named); a
resolver library (routines for applications to use when interfacing with
DNS); and tools for verifying that the DNS server is operating correctly.
A denial of service flaw was found in the libdns library. A remote attacker
could use this flaw to send a specially-crafted DNS query to named that,
when processed, would cause named to use an excessive amount of memory, or
possibly crash. (CVE-2013-2266)
Note: This update disables the syntax checking of NAPTR (Naming Authority
Pointer) resource records.
All bind97 users are advised to upgrade to these updated packages, which
contain a patch to correct this issue. After installing the update, the
BIND daemon (named) will be restarted automatically.";
tag_solution = "Please Install the Updated Packages.";
tag_affected = "bind97 on Red Hat Enterprise Linux (v. 5 server)";
if(description)
{
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2013-March/msg00075.html");
script_id(870973);
script_version("$Revision: 8542 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $");
script_tag(name:"creation_date", value:"2013-04-02 12:26:22 +0530 (Tue, 02 Apr 2013)");
script_cve_id("CVE-2013-2266");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name: "RHSA", value: "2013:0690-01");
script_name("RedHat Update for bind97 RHSA-2013:0690-01");
script_tag(name: "summary" , value: "Check for the Version of bind97");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_5")
{
if ((res = isrpmvuln(pkg:"bind97", rpm:"bind97~9.7.0~17.P2.el5_9.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"bind97-chroot", rpm:"bind97-chroot~9.7.0~17.P2.el5_9.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"bind97-debuginfo", rpm:"bind97-debuginfo~9.7.0~17.P2.el5_9.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"bind97-devel", rpm:"bind97-devel~9.7.0~17.P2.el5_9.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"bind97-libs", rpm:"bind97-libs~9.7.0~17.P2.el5_9.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"bind97-utils", rpm:"bind97-utils~9.7.0~17.P2.el5_9.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo02 Apr 2013 00:00Current
7.6High risk
Vulners AI Score7.6
EPSS0.31202