{"cve": [{"lastseen": "2020-10-03T12:46:06", "description": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.", "edition": 3, "cvss3": {}, "published": "2013-07-29T13:59:00", "title": "CVE-2013-4854", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4854"], "modified": "2019-04-22T17:48:00", "cpe": ["cpe:/a:isc:bind:9.9.2", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.8.3", "cpe:/o:fedoraproject:fedora:18", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.9.3", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/a:isc:bind:9.7.4", "cpe:/o:freebsd:freebsd:8.2", "cpe:/o:redhat:enterprise_linux:5", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.7", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.7.2", "cpe:/o:fedoraproject:fedora:19", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.8.6", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/a:isc:dnsco_bind:9.9.4", "cpe:/o:freebsd:freebsd:8.3", "cpe:/a:isc:bind:9.8.0", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/a:isc:dnsco_bind:9.9.3", "cpe:/o:novell:suse_linux:11", "cpe:/a:isc:bind:9.9.0", "cpe:/a:suse:suse_linux_enterprise_software_development_kit:11.0", 
"cpe:/a:isc:bind:9.8.2", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:freebsd:freebsd:8.4", "cpe:/a:isc:bind:9.7.0", "cpe:/o:mandriva:business_server:1.0", "cpe:/o:freebsd:freebsd:9.2", "cpe:/a:isc:bind:9.8.5", "cpe:/o:mandriva:enterprise_server:5.0", "cpe:/o:freebsd:freebsd:8.0", "cpe:/o:hp:hp-ux:b.11.31", "cpe:/a:isc:bind:9.7.5", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:freebsd:freebsd:9.0", "cpe:/a:isc:bind:9.8.4", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/o:freebsd:freebsd:8.1", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:freebsd:freebsd:9.1"], "id": "CVE-2013-4854", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4854", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", 
"cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", 
"cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*", "cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:34", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "edition": 1, "description": "\nF5 Product Development has assigned ID 426341 (BIG-IP) to this vulnerability.\n\nTo determine if 
your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.4.0 \n| 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP AAM | 11.4.0 | 11.4.0 HF3 \n11.4.1 - 11.5.1 | BIND \nBIG-IP AFM | 11.3.0 - 11.4.0 \n| 11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 | BIND \nBIG-IP Analytics | 11.0.0 - 11.4.0 \n| 11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 | BIND \nBIG-IP APM | 11.0.0 - 11.4.0 \n| 10.1.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP ASM | 11.0.0 - 11.4.0 \n| 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 \n| 10.1.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n| BIND \nBIG-IP GTM | 11.0.0 - 11.4.0 \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP Link Controller | 11.0.0 - 11.4.0 \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP PEM | 11.3.0 - 11.4.0 \n| 11.3.0 HF7 \n11.4.0 HF3 \n11.4.1 - 11.5.1 \n| BIND \nBIG-IP PSM | 11.0.0 - 11.4.0 \n| 9.4.5 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n11.4.0 HF3 \n| BIND \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n| 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n| BIND \nBIG-IP WOM | 11.0.0 - 11.3.0 \n| 10.0.0 - 10.2.4 \n11.1.0 HF10 \n11.2.1 HF9 \n11.3.0 HF7 \n| BIND \nARX | None | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | None | 1.6.0 - 1.8.0 
\n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 \n| None \nFirePass | None | 6.0.0 - 6.1.0 \n7.0.0 \n| None\n\nNone \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n", "modified": "2017-03-14T18:57:00", "published": "2013-08-16T02:48:00", "href": "https://support.f5.com/csp/article/K14613", "id": "F5:K14613", "title": "BIND vulnerability CVE-2013-4854", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-03-19T09:02:05", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "edition": 1, "description": "Recommended action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n", "modified": "2013-08-15T00:00:00", "published": "2013-08-15T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14613.html", "id": "SOL14613", "title": "SOL14613 - BIND vulnerability CVE-2013-4854", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": 
"2019-08-13T18:45:56", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2017-09-08T12:08:45", "published": "2013-07-30T04:00:00", "id": "RHSA-2013:1115", "href": "https://access.redhat.com/errata/RHSA-2013:1115", "type": "redhat", "title": "(RHSA-2013:1115) Important: bind97 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2018-06-06T20:24:11", "published": "2013-07-30T04:00:00", "id": "RHSA-2013:1114", "href": "https://access.redhat.com/errata/RHSA-2013:1114", "type": "redhat", "title": "(RHSA-2013:1114) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:45:10", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6544", "CVE-2013-0167", "CVE-2013-0791", "CVE-2013-1620", "CVE-2013-2146", "CVE-2013-2206", "CVE-2013-2224", "CVE-2013-2232", "CVE-2013-2237", "CVE-2013-4236", "CVE-2013-4854"], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nUpgrade Note: If you upgrade the Red Hat Enterprise Virtualization\nHypervisor through the 3.2 Manager administration portal, the Host may\nappear with the status of \"Install Failed\". If this happens, place the host\ninto maintenance mode, then activate it again to get the host back to an\n\"Up\" state.\n\nIt was discovered that NSS leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-1620)\n\nIt was found that the fix for CVE-2013-0167 released via RHSA-2013:0907\nwas incomplete. 
A privileged guest user could potentially use this flaw to\nmake the host the guest is running on unavailable to the management\nserver. (CVE-2013-4236)\n\nAn out-of-bounds memory read flaw was found in the way NSS decoded certain\ncertificates. If an application using NSS decoded a malformed certificate,\nit could cause the application to crash. (CVE-2013-0791)\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter\nof CVE-2013-0791. The CVE-2013-4236 issue was found by David Gibson of Red\nHat.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-4854 (bind issue)\n\nCVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232,\nand CVE-2013-2237 (kernel issues)\n\nThis update also contains the fixes from the following errata:\n\n* vdsm: RHSA-2013:1155 and RHBA-2013:1158\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "modified": "2018-06-07T08:59:42", "published": "2013-08-27T04:00:00", "id": "RHSA-2013:1181", "href": "https://access.redhat.com/errata/RHSA-2013:1181", "type": "redhat", "title": "(RHSA-2013:1181) Moderate: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:34:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "**Issue Overview:**\n\nA denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. 
([CVE-2013-4854](<https://access.redhat.com/security/cve/CVE-2013-4854>))\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-utils-9.8.2-0.17.rc1.30.amzn1.i686 \n bind-devel-9.8.2-0.17.rc1.30.amzn1.i686 \n bind-sdb-9.8.2-0.17.rc1.30.amzn1.i686 \n bind-libs-9.8.2-0.17.rc1.30.amzn1.i686 \n bind-debuginfo-9.8.2-0.17.rc1.30.amzn1.i686 \n bind-chroot-9.8.2-0.17.rc1.30.amzn1.i686 \n bind-9.8.2-0.17.rc1.30.amzn1.i686 \n \n src: \n bind-9.8.2-0.17.rc1.30.amzn1.src \n \n x86_64: \n bind-debuginfo-9.8.2-0.17.rc1.30.amzn1.x86_64 \n bind-libs-9.8.2-0.17.rc1.30.amzn1.x86_64 \n bind-utils-9.8.2-0.17.rc1.30.amzn1.x86_64 \n bind-devel-9.8.2-0.17.rc1.30.amzn1.x86_64 \n bind-sdb-9.8.2-0.17.rc1.30.amzn1.x86_64 \n bind-chroot-9.8.2-0.17.rc1.30.amzn1.x86_64 \n bind-9.8.2-0.17.rc1.30.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-08-07T21:20:00", "published": "2013-08-07T21:20:00", "id": "ALAS-2013-214", "href": "https://alas.aws.amazon.com/ALAS-2013-214.html", "title": "Important: bind", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:57:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "The BIND nameserver was updated to 9.9.3P2 to fix a\n security issue where incorrect bounds checking on private\n type 'keydata' could lead to a remotely triggerable REQUIRE\n failure. 
(CVE-2013-4854, bnc#831899)\n\n", "edition": 1, "modified": "2013-08-19T11:04:11", "published": "2013-08-19T11:04:11", "id": "OPENSUSE-SU-2013:1353-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00017.html", "title": "bind: 9.9.3P2 security and bugfix update (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:28:28", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "A specially crafted query with malicious rdata could have\n caused a crash (DoS) in named.\n", "edition": 1, "modified": "2013-08-07T21:04:12", "published": "2013-08-07T21:04:12", "id": "SUSE-SU-2013:1310-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:51:43", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "A specially crafted query with malicious rdata could have\n caused a crash (DoS) in named.\n\n", "edition": 1, "modified": "2013-08-19T12:04:10", "published": "2013-08-19T12:04:10", "id": "OPENSUSE-SU-2013:1354-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html", "type": "suse", "title": "update for bind (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:52", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "description": "assert() on client request processing.", "edition": 1, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "SECURITYVULNS:VULN:13223", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13223", "title": "ISC bind DoS", "type": "securityvulns", "cvss": {"score": 7.8, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "cvelist": ["CVE-2013-4854"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n=============================================================================\r\nFreeBSD-SA-13:07.bind Security Advisory\r\n The FreeBSD Project\r\n\r\nTopic: BIND remote denial of service\r\n\r\nCategory: contrib\r\nModule: bind\r\nAnnounced: 2013-07-26\r\nCredits: Maxim Shudrak and the HP Zero Day Initiative, ISC\r\nAffects: FreeBSD 8.4-RELEASE and FreeBSD 9.x\r\nCorrected: 2013-07-26 22:53:17 UTC (stable/8, 8.4-STABLE)\r\n 2013-07-26 22:40:17 UTC (releng/8.4, 8.4-RELEASE-p2)\r\n 2013-07-26 22:43:09 UTC (stable/9, 9.2-BETA2)\r\n 2013-07-26 22:40:23 UTC (releng/9.1, 9.1-RELEASE-p5)\r\nCVE Name: CVE-2013-4854\r\n\r\nFor general information regarding FreeBSD Security Advisories,\r\nincluding descriptions of the fields above, security branches, and the\r\nfollowing sections, please visit <URL:http://security.FreeBSD.org/>.\r\n\r\nI. Background\r\n\r\nBIND 9 is an implementation of the Domain Name System (DNS) protocols.\r\nThe named(8) daemon is an Internet Domain Name Server. The libdns\r\nlibrary is a library of DNS protocol support functions.\r\n\r\nII. Problem Description\r\n\r\nDue to a software defect a specially crafted query which includes\r\nmalformed rdata, could cause named(8) to crash with an assertion\r\nfailure and rejecting the malformed query. This issue affects both\r\nrecursive and authoritative-only nameservers.\r\n\r\nIII. Impact\r\n\r\nAn attacker who can send a specially crafted query could cause named(8)\r\nto crash, resulting in a denial of service.\r\n\r\nIV. Workaround\r\n\r\nNo workaround is available, but systems not running the named(8) service\r\nand not using the base system DNS utilities are not affected.\r\n\r\nV. 
Solution\r\n\r\nPerform one of the following:\r\n\r\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\r\nrelease / security branch (releng) dated after the correction date.\r\n\r\n2) To update your vulnerable system via a source code patch:\r\n\r\nThe following patches have been verified to apply to the applicable\r\nFreeBSD release branches.\r\n\r\na) Download the relevant patch from the location below, and verify the\r\ndetached PGP signature using your PGP utility.\r\n\r\n# fetch http://security.FreeBSD.org/patches/SA-13:07/bind.patch\r\n# fetch http://security.FreeBSD.org/patches/SA-13:07/bind.patch.asc\r\n# gpg --verify bind.patch.asc\r\n\r\nb) Execute the following commands as root:\r\n\r\n# cd /usr/src\r\n# patch < /path/to/patch\r\n\r\nRecompile the operating system using buildworld and installworld as\r\ndescribed in <URL:http://www.FreeBSD.org/handbook/makeworld.html>.\r\n\r\nRestart the named daemon, or reboot the system.\r\n\r\n3) To update your vulnerable system via a binary patch:\r\n\r\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\r\nplatforms can be updated via the freebsd-update(8) utility:\r\n\r\n# freebsd-update fetch\r\n# freebsd-update install\r\n\r\nVI. 
Correction details\r\n\r\nThe following list contains the correction revision numbers for each\r\naffected branch.\r\n\r\nBranch/path Revision\r\n- -------------------------------------------------------------------------\r\nstable/8/ r253696\r\nreleng/8.4/ r253692\r\nstable/9/ r253695\r\nreleng/9.1/ r253693\r\n- -------------------------------------------------------------------------\r\n\r\nTo see which files were modified by a particular revision, run the\r\nfollowing command, replacing XXXXXX with the revision number, on a\r\nmachine with Subversion installed:\r\n\r\n# svn diff -cXXXXXX --summarize svn://svn.freebsd.org/base\r\n\r\nOr visit the following URL, replacing XXXXXX with the revision number:\r\n\r\n<URL:http://svnweb.freebsd.org/base?view=revision&revision=XXXXXX>\r\n\r\nVII. References\r\n\r\nhttps://kb.isc.org/article/AA-01015\r\n\r\n<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854>\r\n\r\nThe latest revision of this advisory is available at\r\nhttp://security.FreeBSD.org/advisories/FreeBSD-SA-13:07.bind.asc\r\n-----BEGIN PGP SIGNATURE-----\r\n\r\niEYEARECAAYFAlHzPpMACgkQFdaIBMps37Jb2ACdFqaNTTBFiOCuz30MJ5s85UVd\r\nMzoAn2ebCjqULwyEbJaeTlck87NPfQWR\r\n=RFf2\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "SECURITYVULNS:DOC:29663", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29663", "title": "FreeBSD Security Advisory FreeBSD-SA-13:07.bind", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-4424", "CVE-2014-4406", "CVE-2013-3919", "CVE-2014-0065", "CVE-2014-0064", "CVE-2014-0591", "CVE-2014-0063", "CVE-2013-6393", "CVE-2014-0060", "CVE-2014-0062", "CVE-2014-4446", "CVE-2013-4854", "CVE-2014-0066", "CVE-2013-4164", "CVE-2014-4447", "CVE-2014-0061"], "description": 
"\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-10-16-3 OS X Server v4.0\r\n\r\nOS X Server v4.0 is now available and addresses the following:\r\n\r\nBIND\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: Multiple vulnerabilities in BIND, the most serious of which\r\nmay lead to a denial of service\r\nDescription: Multiple vulnerabilities existed in BIND. These issues\r\nwere addressed by updating BIND to version 9.9.2-P2\r\nCVE-ID\r\nCVE-2013-3919\r\nCVE-2013-4854\r\nCVE-2014-0591\r\n\r\nCoreCollaboration\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: A remote attacker may be able to execute arbitrary SQL\r\nqueries\r\nDescription: A SQL injection issue existed in Wiki Server. This\r\nissue was addressed through additional validation of SQL queries.\r\nCVE-ID\r\nCVE-2014-4424 : Sajjad Pourali (sajjad@securation.com) of CERT of\r\nFerdowsi University of Mashhad\r\n\r\nCoreCollaboration\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite scripting attack\r\nDescription: A cross-site scripting issue existed in Xcode Server.\r\nThis issue was addressed through improved encoding of HTML output.\r\nCVE-ID\r\nCVE-2014-4406 : David Hoyt of Hoyt LLC\r\n\r\nCoreCollaboration\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: Multiple vulnerabilities in PostgreSQL, the most serious of\r\nwhich may lead to arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in PostgreSQL. 
These\r\nissues were addressed by updating PostgreSQL to version 9.2.7.\r\nCVE-ID\r\nCVE-2014-0060\r\nCVE-2014-0061\r\nCVE-2014-0062\r\nCVE-2014-0063\r\nCVE-2014-0064\r\nCVE-2014-0065\r\nCVE-2014-0066\r\n\r\nMail Service\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: Group SACL changes for Mail may not be respected until after\r\na restart of the Mail service\r\nDescription: SACL settings for Mail were cached and changes to the\r\nSACLs were not respected until after a restart of the Mail service.\r\nThis issue was addressed by resetting the cache upon changes to the\r\nSACLs.\r\nCVE-ID\r\nCVE-2014-4446 : Craig Courtney\r\n\r\nProfile Manager\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: Multiple vulnerabilities in LibYAML, the most serious of\r\nwhich may lead to arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in LibYAML. These\r\nissues were addressed by switching from YAML to JSON as Profile\r\nManager's internal serialization format.\r\nCVE-ID\r\nCVE-2013-4164\r\nCVE-2013-6393\r\n\r\nProfile Manager\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: A local user may obtain passwords after setting up or\r\nediting profiles in Profile Manager\r\nDescription: In certain circumstances, setting up or editing\r\nprofiles in Profile Manager may have logged passwords to a file. This\r\nissue was addressed through improved handling of credentials.\r\nCVE-ID\r\nCVE-2014-4447 : Mayo Jordanov\r\n\r\nServer\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 when a cipher suite uses a block cipher in CBC mode. An attacker\r\ncould force the use of SSL 3.0, even when the server would support a\r\nbetter TLS version, by blocking TLS 1.0 and higher connection\r\nattempts. 
This issue was addressed by disabling SSL 3.0 support in\r\nWeb Server, Calendar & Contacts Server, and Remote Administration.\r\nCVE-ID\r\nCVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of\r\nGoogle Security Team\r\n\r\nServerRuby\r\nAvailable for: OS X Yosemite v10.10 or later\r\nImpact: Running a Ruby script that handles untrusted YAML tags may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An integer overflow issue existed in LibYAML's handling\r\nof YAML tags. This issue was addressed through additional validation\r\nof YAML tags. This issue does not affect systems prior to OS X\r\nMavericks.\r\nCVE-ID\r\nCVE-2013-6393\r\n\r\n\r\nOS X Server v4.0 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, 
"modified": "2014-10-18T00:00:00", "published": "2014-10-18T00:00:00", "id": "SECURITYVULNS:DOC:31300", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31300", "title": "APPLE-SA-2014-10-16-3 OS X Server v4.0", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:57", "bulletinFamily": "software", "cvelist": ["CVE-2014-4433", "CVE-2014-3566", "CVE-2014-4371", "CVE-2014-4430", "CVE-2014-4437", "CVE-2014-4405", "CVE-2014-4351", "CVE-2014-4422", "CVE-2014-4424", "CVE-2014-4441", "CVE-2014-4428", "CVE-2014-4444", "CVE-2014-4388", "CVE-2014-7169", "CVE-2014-4391", "CVE-2014-4443", "CVE-2014-4375", "CVE-2014-4406", "CVE-2014-4421", "CVE-2014-0098", "CVE-2013-3919", "CVE-2014-4440", "CVE-2014-0065", "CVE-2014-4431", "CVE-2013-6438", "CVE-2014-4408", "CVE-2014-4426", "CVE-2014-3537", "CVE-2014-0064", "CVE-2014-0591", "CVE-2014-4439", "CVE-2014-0063", "CVE-2014-4438", "CVE-2013-5150", "CVE-2014-6271", "CVE-2013-6393", "CVE-2014-4434", "CVE-2014-0060", "CVE-2014-4425", "CVE-2014-4417", "CVE-2014-4442", "CVE-2014-0062", "CVE-2014-4446", "CVE-2014-4418", "CVE-2014-4404", "CVE-2014-4420", "CVE-2013-4854", "CVE-2014-0066", "CVE-2014-4427", "CVE-2014-4435", "CVE-2011-2391", "CVE-2014-4407", "CVE-2013-4164", "CVE-2014-4447", "CVE-2014-4436", "CVE-2014-4432", "CVE-2014-4380", "CVE-2014-0061", "CVE-2014-4364", "CVE-2014-4419", "CVE-2014-4373"], "description": "62 vulnerabilities in different system components.", "edition": 1, "modified": "2014-10-18T00:00:00", "published": "2014-10-18T00:00:00", "id": "SECURITYVULNS:VULN:14050", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14050", "title": "Apple OS X / OS X Server multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:28:36", "bulletinFamily": "unix", "cvelist": 
["CVE-2013-4854"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1115\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-July/031918.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1115.html", "edition": 3, "modified": "2013-07-30T04:50:14", "published": "2013-07-30T04:50:14", "href": "http://lists.centos.org/pipermail/centos-announce/2013-July/031918.html", "id": "CESA-2013:1115", "title": "bind97 security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:28:45", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1114\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. 
A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-July/031917.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-sdb\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1114.html", "edition": 3, "modified": "2013-07-30T04:35:38", "published": "2013-07-30T04:35:38", "href": "http://lists.centos.org/pipermail/centos-announce/2013-July/031917.html", "id": "CESA-2013:1114", "title": "bind security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "[32:9.7.0-17.P2.2]\n- fix for CVE-2013-4854", "edition": 4, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "ELSA-2013-1115", "href": "http://linux.oracle.com/errata/ELSA-2013-1115.html", "title": "bind97 security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2266", "CVE-2014-0591", "CVE-2013-4854"], "description": "[32:9.7.0-21.P2]\r\n- Fix CVE-2014-0591\r\n \n[32:9.7.0-20.P2]\r\n- Fix init script to not unmount filesystem when ROOTDIR is empty (#1059118)\r\n \n[32:9.7.0-19.P2]\r\n- fix for CVE-2013-4854\r\n \n[32:9.7.0-18.P2]\r\n- fix CVE-2013-2266\r\n ", "edition": 4, "modified": "2014-09-17T00:00:00", "published": "2014-09-17T00:00:00", "id": "ELSA-2014-1244", "href": 
"http://linux.oracle.com/errata/ELSA-2014-1244.html", "title": "bind97 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:12", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2014-0591", "CVE-2013-4854"], "description": "[32:9.8.2-0.23.rc1.1]\n- Fix CVE-2014-0591\n[32:9.8.2-0.23.rc1]\n- Fix gssapictx memory leak (#911167)\n[32:9.8.2-0.22.rc1]\n- fix CVE-2013-4854\n[32:9.8.2-0.21.rc1]\n- fix CVE-2013-2266\n- ship dns/rrl.h in -devel subpkg\n[32:9.8.2-0.20.rc1]\n- remove one bogus file from /usr/share/doc, introduced by RRL patch\n[32:9.8.2-0.19.rc1]\n- fix CVE-2012-5689\n[32:9.8.2-0.18.rc1]\n- add response rate limit patch (#873624)", "edition": 4, "modified": "2014-01-20T00:00:00", "published": "2014-01-20T00:00:00", "id": "ELSA-2014-0043", "href": "http://linux.oracle.com/errata/ELSA-2014-0043.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:36:11", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "Maxim Shudrak discovered that Bind incorrectly handled certain malformed \nrdata. A remote attacker could use this flaw with a specially crafted \nquery to cause Bind to stop responding, resulting in a denial of service.", "edition": 5, "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "USN-1910-1", "href": "https://ubuntu.com/security/notices/USN-1910-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "zdi": [{"lastseen": "2020-06-22T11:41:07", "bulletinFamily": "info", "cvelist": ["CVE-2013-4854"], "edition": 3, "description": "This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of ISC BIND. Authentication is not required to exploit this vulnerability. 
The specific flaw exists within the handling of an rdata section with a length that is less than four. The issue lies in the creation of an error message when an invalid message class is specified. An attacker can leverage this vulnerability to crash a remote instance of ISC BIND.", "modified": "2013-06-22T00:00:00", "published": "2013-08-13T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-13-210/", "id": "ZDI-13-210", "title": "ISC BIND rdata Denial Of Service Vulnerability", "type": "zdi", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2013-08-02T22:04:32", "published": "2013-08-02T22:04:32", "id": "FEDORA:DF88222B91", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: bind-9.9.3-5.P2.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854", "CVE-2014-0591"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. 
", "modified": "2014-01-18T04:21:45", "published": "2014-01-18T04:21:45", "id": "FEDORA:39DB62120F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: bind-9.9.3-14.P2.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854", "CVE-2014-0591", "CVE-2014-8500"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-01-06T06:13:56", "published": "2015-01-06T06:13:56", "id": "FEDORA:0A72460CC887", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: bind-9.9.3-16.P2.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2266", "CVE-2013-3919", "CVE-2013-4854"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. 
", "modified": "2013-08-04T00:13:45", "published": "2013-08-04T00:13:45", "id": "FEDORA:C1FBF26597", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: bind-9.9.3-4.P2.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "slackware": [{"lastseen": "2020-10-25T16:36:14", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/bind-9.9.3_P2-i486-1_slack14.0.txz: Upgraded.\n This update fixes a security issue where a specially crafted query can cause\n BIND to terminate abnormally, resulting in a denial of service.\n For more information, see:\n https://kb.isc.org/article/AA-01015\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.5_P2-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.5_P2-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.5_P2-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.5_P2-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.5_P2-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.5_P2-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.5_P2-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.5_P2-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.3_P2-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.3_P2-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.3_P2-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.3_P2-x86_64-1.txz\n\n\nMD5 signatures:\n\n\nInstallation instructions:\n\nUpgrade 
the package as root:\n > upgradepkg bind-9.9.3_P2-i486-1_slack14.0.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "modified": "2013-08-06T07:20:18", "published": "2013-08-06T07:20:18", "id": "SSA-2013-218-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.509431", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:12:04", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2728-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJuly 27, 2013 
http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-4854\nDebian Bug : 717936\n\nMaxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze11.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu2+deb7u1.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 4, "modified": "2013-07-27T13:28:47", "published": "2013-07-27T13:28:47", "id": "DEBIAN:DSA-2728-1:901CB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00138.html", "title": "[SECURITY] [DSA 2728-1] bind9 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:34", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4854"], "description": "\nISC reports:\n\nA specially crafted query that includes malformed\n\t rdata can cause named to terminate with an assertion\n\t failure while rejecting the malformed query.\n\n", "edition": 4, "modified": "2016-08-09T00:00:00", "published": "2013-07-26T00:00:00", "id": "7943E521-F648-11E2-8607-3C970E169BC2", "href": 
"https://vuxml.freebsd.org/freebsd/7943e521-f648-11e2-8607-3c970e169bc2.html", "title": "bind -- denial of service vulnerability", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:10:57", "description": " - update to 9.9.3-P2 (fix for CVE-2013-4854)\n\n - update RRL patch to 9.9.3-P2-rl.13207.22\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-08-05T00:00:00", "title": "Fedora 18 : bind-9.9.3-4.P2.fc18 (2013-13831)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-08-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:bind"], "id": "FEDORA_2013-13831.NASL", "href": "https://www.tenable.com/plugins/nessus/69210", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-13831.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69210);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_bugtraq_id(61479);\n script_xref(name:\"FEDORA\", value:\"2013-13831\");\n\n script_name(english:\"Fedora 18 : bind-9.9.3-4.P2.fc18 (2013-13831)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - update to 9.9.3-P2 (fix for CVE-2013-4854)\n\n - update RRL patch to 9.9.3-P2-rl.13207.22\n\nNote 
that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=988999\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a1ead1d1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"bind-9.9.3-4.P2.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-25T09:14:48", "description": "Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. 
A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could\nuse this flaw to send a specially crafted DNS query to named that,\nwhen processed, would cause named to crash when rejecting the\nmalformed query. (CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "edition": 24, "published": "2013-07-30T00:00:00", "title": "RHEL 6 : bind (RHSA-2013:1114)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-07-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-debuginfo"], "id": "REDHAT-RHSA-2013-1114.NASL", "href": "https://www.tenable.com/plugins/nessus/69110", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1114. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69110);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_bugtraq_id(61479);\n script_xref(name:\"RHSA\", value:\"2013:1114\");\n\n script_name(english:\"RHEL 6 : bind (RHSA-2013:1114)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could\nuse this flaw to send a specially crafted DNS query to named that,\nwhen processed, would cause named to crash when rejecting the\nmalformed query. (CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n # https://kb.isc.org/article/AA-01015\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01015\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-4854\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/30\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1114\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-debuginfo-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-devel-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-libs-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", 
reference:\"bind-sdb-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-utils-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-utils-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-utils-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T09:47:59", "description": "Maxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.", "edition": 17, "published": "2013-07-29T00:00:00", "title": "Debian DSA-2728-1 : bind9 - denial of service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-07-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:bind9", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2728.NASL", "href": "https://www.tenable.com/plugins/nessus/69094", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2728. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69094);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_xref(name:\"DSA\", value:\"2728\");\n\n script_name(english:\"Debian DSA-2728-1 : bind9 - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Maxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/bind9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/bind9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2728\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bind9 packages.\n\nFor the oldstable distribution (squeeze), this problem has been fixed\nin version 1:9.7.3.dfsg-1~squeeze11.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu2+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known 
exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"bind9\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-doc\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-host\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9utils\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"dnsutils\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"host\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", 
prefix:\"libbind-dev\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind9-60\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libdns69\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisc62\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccc60\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccfg62\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"liblwres60\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lwresd\", reference:\"1:9.7.3.dfsg-1~squeeze11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"bind9\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"bind9-doc\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"bind9-host\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"bind9utils\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dnsutils\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"host\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbind-dev\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbind9-80\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libdns88\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libisc84\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libisccc80\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif 
(deb_check(release:\"7.0\", prefix:\"libisccfg82\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"liblwres80\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lwresd\", reference:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:28:49", "description": "Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could\nuse this flaw to send a specially crafted DNS query to named that,\nwhen processed, would cause named to crash when rejecting the\nmalformed query. (CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "edition": 24, "published": "2013-07-31T00:00:00", "title": "CentOS 6 : bind (CESA-2013:1114)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-07-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-devel", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:bind-sdb", "p-cpe:/a:centos:centos:bind-utils", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-chroot"], "id": "CENTOS_RHSA-2013-1114.NASL", "href": "https://www.tenable.com/plugins/nessus/69140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1114 and \n# CentOS Errata and Security Advisory 2013:1114 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69140);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_bugtraq_id(61479);\n script_xref(name:\"RHSA\", value:\"2013:1114\");\n\n script_name(english:\"CentOS 6 : bind (CESA-2013:1114)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. 
A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could\nuse this flaw to send a specially crafted DNS query to named that,\nwhen processed, would cause named to crash when rejecting the\nmalformed query. (CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-July/019879.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6471737d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-4854\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-9.8.2-0.17.rc1.el6_4.5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-chroot-9.8.2-0.17.rc1.el6_4.5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-devel-9.8.2-0.17.rc1.el6_4.5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-libs-9.8.2-0.17.rc1.el6_4.5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-sdb-9.8.2-0.17.rc1.el6_4.5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"bind-utils-9.8.2-0.17.rc1.el6_4.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:10:57", "description": " - update to 9.9.3-P2 (fix for CVE-2013-4854)\n\n - update RRL patch to 9.9.3-P2-rl.13207.22\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-08-05T00:00:00", "title": "Fedora 19 : bind-9.9.3-5.P2.fc19 (2013-13863)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-08-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:bind"], "id": "FEDORA_2013-13863.NASL", "href": "https://www.tenable.com/plugins/nessus/69211", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-13863.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69211);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_bugtraq_id(61479);\n script_xref(name:\"FEDORA\", value:\"2013-13863\");\n\n script_name(english:\"Fedora 19 : bind-9.9.3-5.P2.fc19 (2013-13863)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - update to 9.9.3-P2 (fix for CVE-2013-4854)\n\n - update RRL patch to 9.9.3-P2-rl.13207.22\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=988999\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?294f9597\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"bind-9.9.3-5.P2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T16:34:01", "description": "The BIND nameserver was updated to 9.9.3P2 to fix a security issue\nwhere incorrect bounds checking on private type 'keydata' could lead\nto a remotely triggerable REQUIRE failure. 
(CVE-2013-4854, bnc#831899)", "edition": 18, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : bind (openSUSE-SU-2013:1353-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind-debugsource", "p-cpe:/a:novell:opensuse:bind-chrootenv", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:bind-lwresd", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-utils-debuginfo", "cpe:/o:novell:opensuse:12.2", "p-cpe:/a:novell:opensuse:bind"], "id": "OPENSUSE-2013-654.NASL", "href": "https://www.tenable.com/plugins/nessus/75123", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-654.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75123);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2013-4854\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2013:1353-1)\");\n script_summary(english:\"Check for the openSUSE-2013-654 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The BIND nameserver was updated to 9.9.3P2 to fix a security issue\nwhere incorrect bounds checking on private type 'keydata' could lead\nto a remotely triggerable REQUIRE 
failure. (CVE-2013-4854, bnc#831899)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-08/msg00039.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2013/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-chrootenv-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-debuginfo-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-debugsource-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-devel-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-libs-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-libs-debuginfo-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-lwresd-9.9.2P2-1.19.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.2\", reference:\"bind-lwresd-debuginfo-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-utils-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"bind-utils-debuginfo-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.2P2-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-chrootenv-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-debuginfo-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-debugsource-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-devel-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-libs-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-libs-debuginfo-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-lwresd-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-lwresd-debuginfo-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-utils-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"bind-utils-debuginfo-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.3P2-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"bind-libs-debuginfo-32bit-9.9.3P2-2.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else 
audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:09:58", "description": "New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1,\n13.37, 14.0, and -current to fix a security issue.", "edition": 23, "published": "2013-08-07T00:00:00", "title": "Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2013-218-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2013-218-01.NASL", "href": "https://www.tenable.com/plugins/nessus/69224", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2013-218-01. 
The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69224);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_bugtraq_id(61479);\n script_xref(name:\"SSA\", value:\"2013-218-01\");\n\n script_name(english:\"Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2013-218-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1,\n13.37, 14.0, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.509431\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c951c761\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.1\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif 
(slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.8.5_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"bind\", pkgver:\"9.9.3_P2\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.3_P2\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.9.3_P2\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.9.3_P2\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-18T02:47:14", "description": "A denial of service flaw was found in BIND. A remote attacker could\nuse this flaw to send a specially crafted DNS query to named that,\nwhen processed, would cause named to crash when rejecting the\nmalformed query. 
(CVE-2013-4854)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 13, "published": "2013-07-31T00:00:00", "title": "Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20130730)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-07-31T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bind97-chroot", "p-cpe:/a:fermilab:scientific_linux:bind97-debuginfo", "p-cpe:/a:fermilab:scientific_linux:bind97-libs", "p-cpe:/a:fermilab:scientific_linux:bind97-devel", "p-cpe:/a:fermilab:scientific_linux:bind97-utils", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bind97"], "id": "SL_20130730_BIND97_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/69164", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69164);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/12\");\n\n script_cve_id(\"CVE-2013-4854\");\n\n script_name(english:\"Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20130730)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in BIND. A remote attacker could\nuse this flaw to send a specially crafted DNS query to named that,\nwhen processed, would cause named to crash when rejecting the\nmalformed query. 
(CVE-2013-4854)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1307&L=scientific-linux-errata&T=0&P=2314\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b8d7877\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind97-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind97-9.7.0-17.P2.el5_9.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-chroot-9.7.0-17.P2.el5_9.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-debuginfo-9.7.0-17.P2.el5_9.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-devel-9.7.0-17.P2.el5_9.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-libs-9.7.0-17.P2.el5_9.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind97-utils-9.7.0-17.P2.el5_9.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-debuginfo / bind97-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T10:46:00", "description": "ISC reports :\n\nA specially crafted query that includes malformed rdata can cause\nnamed to terminate with an assertion failure while rejecting the\nmalformed query.", "edition": 24, "published": "2013-07-28T00:00:00", "title": "FreeBSD : bind -- denial of service vulnerability (7943e521-f648-11e2-8607-3c970e169bc2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-07-28T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:bind99-base", "p-cpe:/a:freebsd:freebsd:bind98-base", "p-cpe:/a:freebsd:freebsd:bind99", "p-cpe:/a:freebsd:freebsd:bind98"], "id": "FREEBSD_PKG_7943E521F64811E286073C970E169BC2.NASL", "href": "https://www.tenable.com/plugins/nessus/69088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69088);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-4854\");\n script_xref(name:\"FreeBSD\", value:\"SA-13:07.bind\");\n\n script_name(english:\"FreeBSD : bind -- denial of service vulnerability (7943e521-f648-11e2-8607-3c970e169bc2)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nA specially crafted query that includes malformed rdata can cause\nnamed to terminate with an assertion failure while rejecting 
the\nmalformed query.\"\n );\n # https://kb.isc.org/article/AA-01015/0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://kb.isc.org/docs/aa-01015\"\n );\n # https://vuxml.freebsd.org/freebsd/7943e521-f648-11e2-8607-3c970e169bc2.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b724e6c0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind98\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind98-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bind99-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bind99>9.9.3<9.9.3.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind99-base>9.9.3<9.9.3.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind98>9.8.5<9.8.5.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bind98-base>9.8.5<9.8.5.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-05T12:28:55", "description": "A specially crafted query with malicious rdata could have caused a\ncrash (DoS) in named.", "edition": 16, "published": "2013-08-08T00:00:00", "title": "SuSE 11.2 / 11.3 Security Update : bind (SAT Patch Numbers 8160 / 8161)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "modified": "2013-08-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:bind-libs", "p-cpe:/a:novell:suse_linux:11:bind-doc", "p-cpe:/a:novell:suse_linux:11:bind", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:bind-utils", "p-cpe:/a:novell:suse_linux:11:bind-libs-32bit", "p-cpe:/a:novell:suse_linux:11:bind-chrootenv"], "id": "SUSE_11_BIND-130805.NASL", "href": "https://www.tenable.com/plugins/nessus/69259", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# 
The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69259);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2013-4854\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : bind (SAT Patch Numbers 8160 / 8161)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A specially crafted query with malicious rdata could have caused a\ncrash (DoS) in named.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4854.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8160 / 8161 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bind-utils\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"bind-libs-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"bind-utils-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"bind-libs-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"bind-utils-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"bind-libs-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", 
reference:\"bind-utils-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"bind-libs-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"bind-utils-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"bind-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"bind-chrootenv-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"bind-doc-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"bind-libs-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"bind-utils-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"bind-libs-32bit-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"bind-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"bind-chrootenv-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"bind-doc-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"bind-libs-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"bind-utils-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"bind-libs-32bit-9.9.3P2-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.3P2-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-03-17T23:02:27", 
"bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120431", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-214)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120431\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:26:14 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-214)\");\n script_tag(name:\"insight\", value:\"A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. 
(CVE-2013-4854 )\");\n script_tag(name:\"solution\", value:\"Run yum update bind to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-214.html\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.8.2~0.17.rc1.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.30.amzn1\", 
rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Oracle Linux Local Security Checks ELSA-2013-1115", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123591", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123591", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-1115", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-1115.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123591\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:05:57 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-1115\");\n script_tag(name:\"insight\", value:\"ELSA-2013-1115 - bind97 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-1115\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-1115.html\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~17.P2.el5_9.2\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~17.P2.el5_9.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~17.P2.el5_9.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~17.P2.el5_9.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~17.P2.el5_9.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-23T13:10:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Check for the Version of bind9", "modified": "2018-01-23T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:841523", "href": "http://plugins.openvas.org/nasl.php?oid=841523", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1910-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1910_1.nasl 8494 2018-01-23 06:57:55Z teissa $\n#\n# Ubuntu Update for bind9 USN-1910-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841523);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:47:40 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for bind9 USN-1910-1\");\n\n tag_insight = \"Maxim Shudrak discovered that Bind incorrectly handled certain malformed\nrdata. A remote attacker could use this flaw with a specially crafted\nquery to cause Bind to stop responding, resulting in a denial of service.\";\n\n tag_affected = \"bind9 on Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1910-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1910-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of bind9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns81\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4.2ubuntu3.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns81\", ver:\"1:9.8.1.dfsg.P1-4.2ubuntu3.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.2.dfsg.P1-2ubuntu2.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns95\", ver:\"1:9.9.2.dfsg.P1-2ubuntu2.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-08-01T00:00:00", "id": "OPENVAS:1361412562310881775", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881775", "type": "openvas", "title": "CentOS Update for bind CESA-2013:1114 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2013:1114 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881775\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:44:42 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Update for bind CESA-2013:1114 centos6\");\n\n script_tag(name:\"affected\", value:\"bind on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named) a\nresolver library (routines for applications to use when interfacing with\nDNS) and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2013:1114\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-July/019879.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) 
exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-22T13:10:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Check for the Version of bind", "modified": "2018-01-22T00:00:00", "published": "2013-08-20T00:00:00", "id": "OPENVAS:866823", "href": "http://plugins.openvas.org/nasl.php?oid=866823", "type": "openvas", "title": "Fedora Update for bind FEDORA-2013-13863", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2013-13863\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866823);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:29:55 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for bind FEDORA-2013-13863\");\n\n tag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n(Domain Name System) protocols. 
BIND includes a DNS server (named),\nwhich resolves host names to IP addresses a resolver library\n(routines for applications to use when interfacing with DNS) and\ntools for verifying that the DNS server is operating properly.\n\";\n\n tag_affected = \"bind on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-13863\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.3~5.P2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Maxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. 
A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.", "modified": "2019-03-18T00:00:00", "published": "2013-07-27T00:00:00", "id": "OPENVAS:1361412562310892728", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892728", "type": "openvas", "title": "Debian Security Advisory DSA 2728-1 (bind9 - denial of service)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2728.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 2728-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892728\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2013-4854\");\n script_name(\"Debian Security Advisory DSA 2728-1 (bind9 - denial of service)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-27 00:00:00 +0200 (Sat, 27 Jul 2013)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2728.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"bind9 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze11.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu2+deb7u1.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\");\n script_tag(name:\"summary\", value:\"Maxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. 
A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres60\", 
ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-80\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns88\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc84\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc80\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg82\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres80\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n 
security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:1361412562310841523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841523", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1910-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1910_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for bind9 USN-1910-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841523\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:47:40 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for bind9 USN-1910-1\");\n\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 13.04,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Maxim Shudrak discovered that Bind incorrectly handled certain malformed\nrdata. 
A remote attacker could use this flaw with a specially crafted\nquery to cause Bind to stop responding, resulting in a denial of service.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1910-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1910-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind9'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|10\\.04 LTS|12\\.10|13\\.04)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns81\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.7\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if 
((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4.2ubuntu3.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns81\", ver:\"1:9.8.1.dfsg.P1-4.2ubuntu3.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.2.dfsg.P1-2ubuntu2.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns95\", ver:\"1:9.9.2.dfsg.P1-2ubuntu2.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-18T11:09:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Check for the Version of bind", "modified": "2018-01-18T00:00:00", "published": "2013-08-01T00:00:00", "id": "OPENVAS:881775", "href": "http://plugins.openvas.org/nasl.php?oid=881775", "type": "openvas", "title": "CentOS Update for bind CESA-2013:1114 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2013:1114 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named) a\nresolver library (routines for applications to use when interfacing with\nDNS) and tools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in BIND. A remote attacker could use\nthis flaw to send a specially-crafted DNS query to named that, when\nprocessed, would cause named to crash when rejecting the malformed query.\n(CVE-2013-4854)\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\";\n\n\nif(description)\n{\n script_id(881775);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:44:42 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Update for bind CESA-2013:1114 centos6 \");\n\n\n tag_affected = \"bind on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:1114\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-July/019879.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.el6_4.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:52:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Maxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. 
A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.", "modified": "2017-07-07T00:00:00", "published": "2013-07-27T00:00:00", "id": "OPENVAS:892728", "href": "http://plugins.openvas.org/nasl.php?oid=892728", "type": "openvas", "title": "Debian Security Advisory DSA 2728-1 (bind9 - denial of service)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2728.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2728-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"bind9 on Debian Linux\";\ntag_insight = \"The Berkeley Internet Name Domain (BIND) implements an Internet domain\nname server. 
BIND is the most widely-used name server software on the\nInternet, and is supported by the Internet Software Consortium, www.isc.org.\nThis package provides the server and related configuration files.\";\ntag_solution = \"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze11.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu2+deb7u1.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\";\ntag_summary = \"Maxim Shudrak and the HP Zero Day Initiative reported a denial of\nservice vulnerability in BIND, a DNS server. A specially crafted query\nthat includes malformed rdata can cause named daemon to terminate with\nan assertion failure while rejecting the malformed query.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892728);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-4854\");\n script_name(\"Debian Security Advisory DSA 2728-1 (bind9 - denial of service)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-07-27 00:00:00 +0200 (Sat, 27 Jul 2013)\");\n script_tag(name: \"cvss_base\", value:\"7.8\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2728.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: 
tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze11\", 
rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-80\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns88\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc84\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc80\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg82\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres80\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.8.4.dfsg.P1-6+nmu2+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n 
security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4854"], "description": "Oracle Linux Local Security Checks ELSA-2013-1114", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123592", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-1114", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-1114.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123592\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:05:57 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-1114\");\n script_tag(name:\"insight\", value:\"ELSA-2013-1114 - bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-1114\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-1114.html\");\n script_cve_id(\"CVE-2013-4854\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.8.2~0.17.rc1.0.2.el6_4.5\", 
rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.8.2~0.17.rc1.0.2.el6_4.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.8.2~0.17.rc1.0.2.el6_4.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.8.2~0.17.rc1.0.2.el6_4.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.8.2~0.17.rc1.0.2.el6_4.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.8.2~0.17.rc1.0.2.el6_4.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "seebug": [{"lastseen": "2017-11-19T21:21:08", "description": "Bugtraq ID:61479\r\nCVE ID:CVE-2013-4854\r\n\r\nISC BIND is an implementation of the DNS protocol.\r\n\r\nISC BIND contains an error when parsing RDATA in DNS queries. A remote attacker can submit a specially crafted query containing malformed RDATA to trigger a REQUIRE assertion and crash the service. This vulnerability is already being actively exploited in the wild; both authoritative and recursive servers are affected.\n0\nISC BIND 9.8.0 - 9.8.5-P1\r\nISC BIND 9.9.0 - 9.9.3-P1\nVendor solution\r\n\r\nISC BIND 
9.8.5-P2, 9.9.3-P2 and 9.9.3-S1-P1 fix this vulnerability; users are advised to download the update:\r\nhttps://www.isc.org/downloads/bind/", "published": "2013-07-30T00:00:00", "title": "ISC BIND 9 DNS RDATA Handling Remote Denial of Service Vulnerability", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-4854"], "modified": "2013-07-30T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60926", "id": "SSV:60926", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "gentoo": [{"lastseen": "2016-09-06T19:46:32", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5689", "CVE-2013-2266", "CVE-2013-3919", "CVE-2012-5688", "CVE-2012-5166", "CVE-2014-0591", "CVE-2013-4854"], "edition": 1, "description": "### Background\n\nBIND is the Berkeley Internet Name Domain Server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll BIND users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/bind-9.9.4_p2\"", "modified": "2014-01-29T00:00:00", "published": "2014-01-29T00:00:00", "id": "GLSA-201401-34", "href": "https://security.gentoo.org/glsa/201401-34", "type": "gentoo", "title": "BIND: Denial of Service", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}