ID RHSA-2007:0740 Type redhat Reporter RedHat Modified 2019-03-22T23:43:48
Description
ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.
A flaw was found in the way BIND generates outbound DNS query ids. If an
attacker is able to acquire a finite set of query IDs, it becomes possible
to accurately predict future query IDs. Future query ID prediction may
allow an attacker to conduct a DNS cache poisoning attack, which can result
in the DNS server returning incorrect client query data. (CVE-2007-2926)
Users of BIND are advised to upgrade to these updated packages, which
contain backported patches to correct this issue.
{"cve": [{"lastseen": "2021-02-02T05:31:24", "description": "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.", "edition": 4, "cvss3": {}, "published": "2007-07-24T17:30:00", "title": "CVE-2007-2926", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2926"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.5"], "id": "CVE-2007-2926", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2926", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*"]}], "debian": [{"lastseen": "2020-11-11T13:11:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1341-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJuly 25th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : design error\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-2926\n\nAmit Klein discovered that the BIND name server generates predictable \nDNS query IDs, which may lead to cache poisoning attacks.\n\nAn update for the oldstable distribution (sarge) is in preparation. It\nwill be released soon.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 9.3.4-2etch1. An update for mips is not yet available, it will\nbe released soon.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your BIND packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1.dsc\n Size/MD5 checksum: 758 428b3a45636c78046dbb77d9335a9973\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1.diff.gz\n Size/MD5 checksum: 287783 47a34c979ee9db072b37e2ae0ad0bdec\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4.orig.tar.gz\n Size/MD5 checksum: 4043577 198181d47c58a0a9c0265862cd5557b0\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.3.4-2etch1_all.deb\n Size/MD5 checksum: 186546 3ac7d54f57348ac941d5e0812ccc12f5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 322456 dfe4b93bc4f56fd5dd0d8e2d1998ad28\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 115188 9e79109d03b06a82561bb3245d85b53c\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 188024 9df9116f4e4d87dd6d1f310506762d05\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 1407446 2c263eb7c5a053db9127f5bb4ea3e63a\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 96012 39238a7c31a2f36fcd55152cf3c3314e\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 566696 a5cb0c0f4e1935fd836d17baed691184\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 189572 8ec031302a94a02a09b0af196bd300dc\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 97650 0075b972a1a8893cd71c66bcaaff95d4\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 111912 cae6cf777332ed408fd6b122198d325f\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 115874 fc5f861aad1689c7aeba2f1f012324ba\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 225398 f4b2582ac5d26563becd0b83e7f054ba\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 317188 4426301631236673c7501c63d7d1be64\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 116584 8485c57afdaefb85a77c2cec61bb0b7b\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 190490 8081ccaac50c67c51e9a49804d22e2f1\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 1110612 dfa5a6f773e5cc985ca15b08cf868afc\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 95162 de0fd449293c68f17886b9fcf8aaf3e0\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 553466 7a6494a6bd042ccf5df4d99d6c5c2542\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 186922 83db82dca4032d2326be7b1bb8624d19\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 95958 76cf006f35ab0fe0d5db1bea77902e7c\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 110608 099dbfa728bbd0ba230362327b96af33\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 113880 b90a561a40975ea4cddd3f59dc2d5a6b\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 223960 34ce7a0693aadc21ece63efc42717dc3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 311286 ddc9ebd93f06b76792798a6a5bc01d34\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 115332 36e51f58ed0be288c2ab066bd0e1e763\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 187714 7ade5d593bef956f1dd7769c29f6551f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 1257768 dcffd2d0af9262b3b3c2d1b8166d9c65\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 96256 c10cd5cc0d827b485e7a6b1d06342992\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 545018 c8a2f5a0a086a858ce4ae4e9c096d28c\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 185090 039d93f2286fa4974c360745f6e7ec89\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 96074 98b897d5f0c8ff086514d86801122d30\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 112556 16330ecebbd5be5dcfbfa7acb67c89aa\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 113746 ccb0abb76e39395ec051eac5b10ab3bb\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 216754 94ea9e9fc614f3ae44e184d4a070dee8\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 294096 a54d3779c21bc3d3ea13b8991aedd55c\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 112686 91b9f6ad1fe1d3bed4473e844060755d\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 180052 acdaa5225d7a8a46dfa018d33b85917f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 995710 8d44e9f8b65868d201cc0593c035a0b2\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 94040 208d791ca231d336850b8526b61dc547\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 473758 f0ca4e1c62970bcdb4ca0e4fec82bd20\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 168910 f1be1c9a61bb8c1a7b28a73144a0febc\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 94014 3927f50039cb5a3815d37ee60b8f0805\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 105664 24dd5215d1eb5aabe10f68bd379dfbf5\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 109552 9211a8f796f460cb1674ad233f99f0b8\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 206122 5f581d25b7eac5d9924633c48374cfd9\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 392704 fbb60f8a53e1df4370f6b1fa04dcaa7f\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 125346 d7b91c0fd8c935dc80d5c2f10dfb71cd\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 215892 d8b6b3e6a35d326074763dcb6f2a02d1\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 1585738 f246e3455fdcc4bede6aaa4feb7e5a4c\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 99586 a6a90361dbe16b55fac090b6221bb2b6\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 742434 2d827017a7f76dbaae60ac1c827c7375\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 231552 8968c74dabdb69eeb4091e8a8d4b2139\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 102034 da5aec0bfc2e2f8c659f563a8774596a\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 117356 99c85d5fd4b7790a8a3fbe0b66c55ce8\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 127150 3f764e3176185b773ddfa988105dce93\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 280214 ca7ba1f13de17522a302538390731a11\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 298960 386cfb4312bfed69a2ed12304609a3ed\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 112532 92eb6f06d4a18dca899f5d23caddea3b\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 179148 4ca657710b1071bac2ebd2a27ac1122c\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 1206278 03496e479c5e92c1e4e6bbb63c54f73b\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 93742 cb50eb9cce7422e8879aa796dfdb7b8d\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 489944 ab86bfaff22e47af0bfd3fc57c0db801\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 173664 03c3008a5493f50b453ac239e843a5db\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 94564 5c1aab5f8cee9fac9e678737b5171ecc\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 106766 7d53ee8d69117fdde48a1074cfdd3f1b\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 109844 13abaab553f3c76403b948fea9d0cc1c\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 210372 4bdb416e4876166765b8aa3987d8e339\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 300740 b8f07903829e88e7dd495cb0866a1be4\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 113376 20cdab8f8babc1e60bcc6e34824be459\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 182824 7eb696a4324c5ad3f8b403a977c62c55\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 1169274 289ca4f005063dec3ad819896ba0afb1\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 95760 ca5d0db4143552b8570c766acea14a71\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 490474 ef3bc644324fd9293b8f132e3bdf6eef\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 173214 49a7fec7735be2fa5143280197d2e34d\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 95768 6970420c1ca23d748ed7bdf9efc029e1\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 108868 a0be0fc5c4c666348cc11d3502fa8a30\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 111876 899a074f3970c21cb97e2d0b5a3b3606\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 206322 24bce060644edb83c85a83e1c0d81087\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 331352 1d686878f52e8d8a3a1a10dd5d1eeae2\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 117686 53039a718a231df07de1020ae4062d04\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 194230 4fefe9085f9c27fd11f63b944ebe1583\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 1138900 d511892e9f7b30f034d30d9b10722f67\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 95298 6f5505c5815bd05d5acca2a7bc918f52\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 581310 338f8914e14bfdc50835252d76f0fd42\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 196206 543df937ea45c7b5f784c1c952a7f5e0\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 97416 fa1af3cf8a7416f3ed5b7d42c836b8b2\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 113884 2ec66079b2d2e11cf897f0977729a4c1\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 116232 f5fa31d37e78bbb36f73d53da5da27ea\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 233484 1dffc0d674f30381bbe5a7ffdbc30518\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 299544 d87837fe5a3f20c6a14fdf3318dd2262\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 113810 f403041c08435061da227325811fa162\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 183572 8af8396c1de389c5d59c043f957f6ffc\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 1122852 f127cc8eaf19ea1afc0e75d95dddfe01\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 94460 5a3a6e60c48ea5a2430852e8f0bdccde\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 495516 6be9e70176aea0f4103f66638d1ddb4e\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 174856 af7512793320752e3607994adcdf5192\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 94450 607818b14e52d297085cf59f207afce7\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 107158 67c296d0d2ca2bd11260b9433bb8b444\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 110702 0237570eab7e9344b78728b6ff4c3a55\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 210042 3d5b39b5e149149d314c3d3b0693e057\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2007-07-25T00:00:00", "published": "2007-07-25T00:00:00", "id": "DEBIAN:DSA-1341-1:6D610", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00102.html", "title": "[SECURITY] [DSA 1341-1] New bind9 packages fix DNS cache poisoning", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-11-11T13:29:39", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1341-2 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJuly 25th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : design error\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-2926\n\nThis update provides fixed packages for the oldstable distribution (sarge).\nFor reference the original advisory text:\n\nAmit Klein discovered that the BIND name server generates predictable \nDNS query IDs, which may lead to cache poisoning attacks.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 9.2.4-1sarge3. An update for mips, powerpc and hppa is not yet\navailable, they will be released soon.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 9.3.4-2etch1. An update for mips is not yet available, it will\nbe released soon.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your BIND packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3.dsc\n Size/MD5 checksum: 741 1fa2bc8b46a0411cd491c0473105a342\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3.diff.gz\n Size/MD5 checksum: 101841 7adc3b3d1c7c87908a73e7d2456985bb\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4.orig.tar.gz\n Size/MD5 checksum: 4564219 2ccbddbab59aedd6b8711b628b5472bd\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.2.4-1sarge3_all.deb\n Size/MD5 checksum: 156958 0340dcd085472e06ec9dad363f80ebeb\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 308078 52d70058f6114eece5f5429dd774fef4\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 96950 e057773683872381ec4eff92b14ffcf6\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 169214 c8153e9d86913b5a6c0778b4d73fe4b4\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 1314552 287a71bed4089bb89edd55f6cb27b62b\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 523154 6bb71bf02b9d4ef3931745364a97cc19\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 174190 cc8e2d01bd5abac2cb92b3c9e7962c44\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 79570 5ab2753f2227cccf90a59c24bb1eb9c0\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 94594 136cd50cd8fbc6d9073693938f275d0a\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 97340 99b0751983bf6eef090692e133d0d519\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_alpha.deb\n Size/MD5 checksum: 199658 7cfc1d3c2ea61adb79dddb1f1568c907\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 288568 5a5f821c4dfe9e919750ec7877223451\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 95946 95faedc2186f40293c46821da0d2ffea\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 165168 a9bdb7b12d44748be590bf6292b18aba\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 1014760 0f682e95f084eff609e65adde4439164\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 490234 3192c3d956d3df8c51e588c45016b0f3\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 164636 81d26e56129ecfc15b6c04111ee83cf0\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 77788 e1023188998136ff2074715294a10382\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 92944 c8e8fb8b6a9bd83fefdc7e9226c7c5d2\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 94100 947534b00f400b9b6641311b900a0885\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_amd64.deb\n Size/MD5 checksum: 189188 4cc765360a8d21a8e89daa945eb7453d\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 277680 cd73ff3c5836ad027e7950069eba547b\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 94084 fa42a6ccbf21ab98f6644a9b3c810282\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 159414 c27c24aaaef0522bac121b8872ba45a7\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 1037426 c41b93ea46c61cd13b1928791727eb7b\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 466072 4ae4a53402cad3cfba45bb3b5d249d0a\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 156826 17f390940fbb0bf6c3866d4039309cc7\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 75764 1574925a0914296854fc8830aeeccdbd\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 88304 f3c1e1a88b7efb2e6bd9f7b00c7c1e74\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 90420 869829ed274cbdfa154e6577e7e4e004\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_arm.deb\n Size/MD5 checksum: 182628 d578739558bc697c16327f42ddf26978\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 276544 64ca5ef977558b9285edf566a94814cd\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 93858 597a51f25f9fd80d7caabc1769d31c1d\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 158670 70d5cd53971f696002b8442900eae50a\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 955636 ed02b89b85afd0a0673b6cd5da14b851\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 459738 bf2027e9d8f0c7248d5b9c2ff9456363\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 154000 2f168be9dc8375bfa1e3ff3fae2a6a63\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 76272 c539fdb6acc7b6ed46a39fa153eab1c5\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 88566 663bea9b196c95975cce3bedc955d95d\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 91854 360f7264f25229d894e7f54d2823d15f\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_i386.deb\n Size/MD5 checksum: 182562 dbe15064e007ab38e99b0a6fc9cca0fa\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 358644 a754395fd648e5c642d12a7b27d4dc82\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 104626 e47db0abd3cfd6f035594d925969bc69\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 191392 562e8742d24370c60d36ea49557fbb0d\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 1405690 d7a5752eb04244d32957081d9f375c33\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 657200 ba6610c115c2849b0df040e6c1a272e8\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 202876 2c390be4f29c6d1ab68c86b36a8edee0\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 82884 1f1d72e68809277b3bc16f91770a6155\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 100614 77e8658ddd7febb0712161c1b2e6844a\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 105584 b6bb791654abf1420fb9e84cb12f91c6\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_ia64.deb\n Size/MD5 checksum: 237662 227f7ab1aab61f504fe8315f63db2e44\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 262742 8804d245acdb74f7b4d52a99ebbe05ee\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 91962 8c9b8e70c7a61f9a1d2b40c85c466024\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 153920 7a62c842594b54c382f6de26b40a6784\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 880446 f0fb1e744f4052ce1476e1f39a2dd853\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 417972 2971a9046d321176516cc4191efd96dd\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 147238 dbf8c047ab65840729bb47c79a11267f\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 75328 5d3ab93eb0a80115f3c9d2f2ddf50e31\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 89690 dc26bf251ef1ea03e8057f20d477cc63\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 89716 9159b8ca3841f135c76f69f539314428\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_m68k.deb\n Size/MD5 checksum: 169830 81596024ee2ab158a66e5ea60e3dc1b7\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 288634 698e8151d8eadb2c947bf3fd0b93975d\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 92098 a1ce6e0be88dd7cd3f3d6cd47c39b2f8\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 154670 7dc88e61a2bace9d60562b98f41bd2f9\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 1088552 ed78389c8c1ac12e05f6862db19dfd84\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 455626 9a5eb8f661633ccb926902887552ede5\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 156872 5e2453f485ff3b1d3a6cc7053c58e518\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 76710 d7d15da3372ef950bacfe70c24d8db6b\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 89612 57ae2447f221b40755c3dc0cdb8ac794\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 91652 32a7ed0dd85de81ba1caf47cb2389a46\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_mipsel.deb\n Size/MD5 checksum: 181660 bc84952a85fba07b444ffe9ba3afa861\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 295738 7f9b8a22ae80f4a07d2684c94ee962bb\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 96376 bb99de7839b8c479d146b075cda4eec7\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 167250 ce835a47bbd8e2e24ce84800f5b5e207\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 1002430 42bec7cdeecdd61dbc641a1231f1b389\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 488760 17eb351a64465ea0b3d0110afccb1dd5\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 166296 07fe033391d502cbfd7abba33d6d8d0c\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 78182 f0645ab02f9471efe5edec67b8c0f74e\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 94742 f18ae647e743abedd9609455e80a9bec\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 93984 0adfd8465e0e1ec136d8feed953ccf8a\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_s390.deb\n Size/MD5 checksum: 193682 a9c9ae3b50383e9de32900b086e640c2\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 275498 5cfcadc9ffb2e2c8f4f7b7b0e52d65bc\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 94152 83b1a427fad05d8469b786fc0a2729c0\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 159912 907859f8dc9c4b4701c5e232b0d9f18e\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 1029066 811bb1289ece437352ce4f47f00e8690\n http://security.debian.org/pool/updates/main/b/bind9/libdns16_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 457612 0e91a40c9bee61b6f4d1e0797ac63f22\n http://security.debian.org/pool/updates/main/b/bind9/libisc7_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 158394 7d02a9f43974287cedbbf7dbdfa7d6ad\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 76058 6a93553152a886566ead1c41b03161a1\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg0_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 89468 89542f6aca78589bf139cea4fbf29d97\n http://security.debian.org/pool/updates/main/b/bind9/liblwres1_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 91094 ccec458566cc570211c7add9866db5f0\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.2.4-1sarge3_sparc.deb\n Size/MD5 checksum: 181046 0bf943fbc04728032c7add5e74283ac6\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1.dsc\n Size/MD5 checksum: 758 428b3a45636c78046dbb77d9335a9973\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1.diff.gz\n Size/MD5 checksum: 287783 47a34c979ee9db072b37e2ae0ad0bdec\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4.orig.tar.gz\n Size/MD5 checksum: 4043577 198181d47c58a0a9c0265862cd5557b0\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.3.4-2etch1_all.deb\n Size/MD5 checksum: 186546 3ac7d54f57348ac941d5e0812ccc12f5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 322456 dfe4b93bc4f56fd5dd0d8e2d1998ad28\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 115188 9e79109d03b06a82561bb3245d85b53c\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 188024 9df9116f4e4d87dd6d1f310506762d05\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 1407446 2c263eb7c5a053db9127f5bb4ea3e63a\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 96012 39238a7c31a2f36fcd55152cf3c3314e\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 566696 a5cb0c0f4e1935fd836d17baed691184\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 189572 8ec031302a94a02a09b0af196bd300dc\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 97650 0075b972a1a8893cd71c66bcaaff95d4\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 111912 cae6cf777332ed408fd6b122198d325f\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 115874 fc5f861aad1689c7aeba2f1f012324ba\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_alpha.deb\n Size/MD5 checksum: 225398 f4b2582ac5d26563becd0b83e7f054ba\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 317188 4426301631236673c7501c63d7d1be64\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 116584 8485c57afdaefb85a77c2cec61bb0b7b\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 190490 8081ccaac50c67c51e9a49804d22e2f1\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 1110612 dfa5a6f773e5cc985ca15b08cf868afc\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 95162 de0fd449293c68f17886b9fcf8aaf3e0\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 553466 7a6494a6bd042ccf5df4d99d6c5c2542\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 186922 83db82dca4032d2326be7b1bb8624d19\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 95958 76cf006f35ab0fe0d5db1bea77902e7c\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 110608 099dbfa728bbd0ba230362327b96af33\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 113880 b90a561a40975ea4cddd3f59dc2d5a6b\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_amd64.deb\n Size/MD5 checksum: 223960 34ce7a0693aadc21ece63efc42717dc3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 311286 ddc9ebd93f06b76792798a6a5bc01d34\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 115332 36e51f58ed0be288c2ab066bd0e1e763\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 187714 7ade5d593bef956f1dd7769c29f6551f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 1257768 dcffd2d0af9262b3b3c2d1b8166d9c65\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 96256 c10cd5cc0d827b485e7a6b1d06342992\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 545018 c8a2f5a0a086a858ce4ae4e9c096d28c\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 185090 039d93f2286fa4974c360745f6e7ec89\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 96074 98b897d5f0c8ff086514d86801122d30\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 112556 16330ecebbd5be5dcfbfa7acb67c89aa\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 113746 ccb0abb76e39395ec051eac5b10ab3bb\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_hppa.deb\n Size/MD5 checksum: 216754 94ea9e9fc614f3ae44e184d4a070dee8\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 294096 a54d3779c21bc3d3ea13b8991aedd55c\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 112686 91b9f6ad1fe1d3bed4473e844060755d\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 180052 acdaa5225d7a8a46dfa018d33b85917f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 995710 8d44e9f8b65868d201cc0593c035a0b2\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 94040 208d791ca231d336850b8526b61dc547\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 473758 f0ca4e1c62970bcdb4ca0e4fec82bd20\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 168910 f1be1c9a61bb8c1a7b28a73144a0febc\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 94014 3927f50039cb5a3815d37ee60b8f0805\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 105664 24dd5215d1eb5aabe10f68bd379dfbf5\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 109552 9211a8f796f460cb1674ad233f99f0b8\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_i386.deb\n Size/MD5 checksum: 206122 5f581d25b7eac5d9924633c48374cfd9\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 392704 fbb60f8a53e1df4370f6b1fa04dcaa7f\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 125346 d7b91c0fd8c935dc80d5c2f10dfb71cd\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 215892 d8b6b3e6a35d326074763dcb6f2a02d1\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 1585738 f246e3455fdcc4bede6aaa4feb7e5a4c\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 99586 a6a90361dbe16b55fac090b6221bb2b6\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 742434 2d827017a7f76dbaae60ac1c827c7375\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 231552 8968c74dabdb69eeb4091e8a8d4b2139\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 102034 da5aec0bfc2e2f8c659f563a8774596a\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 117356 99c85d5fd4b7790a8a3fbe0b66c55ce8\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 127150 3f764e3176185b773ddfa988105dce93\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_ia64.deb\n Size/MD5 checksum: 280214 ca7ba1f13de17522a302538390731a11\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 298960 386cfb4312bfed69a2ed12304609a3ed\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 112532 92eb6f06d4a18dca899f5d23caddea3b\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 179148 4ca657710b1071bac2ebd2a27ac1122c\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 1206278 03496e479c5e92c1e4e6bbb63c54f73b\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 93742 cb50eb9cce7422e8879aa796dfdb7b8d\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 489944 ab86bfaff22e47af0bfd3fc57c0db801\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 173664 03c3008a5493f50b453ac239e843a5db\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 94564 5c1aab5f8cee9fac9e678737b5171ecc\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 106766 7d53ee8d69117fdde48a1074cfdd3f1b\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 109844 13abaab553f3c76403b948fea9d0cc1c\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_mipsel.deb\n Size/MD5 checksum: 210372 4bdb416e4876166765b8aa3987d8e339\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 300740 b8f07903829e88e7dd495cb0866a1be4\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 113376 20cdab8f8babc1e60bcc6e34824be459\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 182824 7eb696a4324c5ad3f8b403a977c62c55\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 1169274 289ca4f005063dec3ad819896ba0afb1\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 95760 ca5d0db4143552b8570c766acea14a71\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 490474 ef3bc644324fd9293b8f132e3bdf6eef\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 173214 49a7fec7735be2fa5143280197d2e34d\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 95768 6970420c1ca23d748ed7bdf9efc029e1\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 108868 a0be0fc5c4c666348cc11d3502fa8a30\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 111876 899a074f3970c21cb97e2d0b5a3b3606\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_powerpc.deb\n Size/MD5 checksum: 206322 24bce060644edb83c85a83e1c0d81087\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 331352 1d686878f52e8d8a3a1a10dd5d1eeae2\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 117686 53039a718a231df07de1020ae4062d04\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 194230 4fefe9085f9c27fd11f63b944ebe1583\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 1138900 d511892e9f7b30f034d30d9b10722f67\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 95298 6f5505c5815bd05d5acca2a7bc918f52\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 581310 338f8914e14bfdc50835252d76f0fd42\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 196206 543df937ea45c7b5f784c1c952a7f5e0\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 97416 fa1af3cf8a7416f3ed5b7d42c836b8b2\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 113884 2ec66079b2d2e11cf897f0977729a4c1\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 116232 f5fa31d37e78bbb36f73d53da5da27ea\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_s390.deb\n Size/MD5 checksum: 233484 1dffc0d674f30381bbe5a7ffdbc30518\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 299544 d87837fe5a3f20c6a14fdf3318dd2262\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 113810 f403041c08435061da227325811fa162\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 183572 8af8396c1de389c5d59c043f957f6ffc\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 1122852 f127cc8eaf19ea1afc0e75d95dddfe01\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 94460 5a3a6e60c48ea5a2430852e8f0bdccde\n http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 495516 6be9e70176aea0f4103f66638d1ddb4e\n http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 174856 af7512793320752e3607994adcdf5192\n http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 94450 607818b14e52d297085cf59f207afce7\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 107158 67c296d0d2ca2bd11260b9433bb8b444\n http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 110702 0237570eab7e9344b78728b6ff4c3a55\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_sparc.deb\n Size/MD5 checksum: 210042 3d5b39b5e149149d314c3d3b0693e057\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2007-07-26T00:00:00", "published": "2007-07-26T00:00:00", "id": "DEBIAN:DSA-1342-2:075A0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00103.html", "title": "[SECURITY] [DSA 1342-2] New bind9 packages fix DNS cache poisoning", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "centos": [{"lastseen": "2020-07-17T03:28:20", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0740\n\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS\r\n(Domain Name System) protocols. \r\n\r\nA flaw was found in the way BIND generates outbound DNS query ids. If an\r\nattacker is able to acquire a finite set of query IDs, it becomes possible\r\nto accurately predict future query IDs. Future query ID prediction may\r\nallow an attacker to conduct a DNS cache poisoning attack, which can result\r\nin the DNS server returning incorrect client query data. (CVE-2007-2926)\r\n\r\nUsers of BIND are advised to upgrade to these updated packages, which\r\ncontain backported patches to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026111.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026112.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026113.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026114.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026116.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026117.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026118.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026119.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026120.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026121.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0740.html", "edition": 5, "modified": "2007-07-25T13:47:09", "published": "2007-07-24T15:48:10", "href": "http://lists.centos.org/pipermail/centos-announce/2007-July/026111.html", "id": "CESA-2007:0740", "title": "bind, caching security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-20T18:28:00", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0740-01\n\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS\r\n(Domain Name System) protocols. \r\n\r\nA flaw was found in the way BIND generates outbound DNS query ids. If an\r\nattacker is able to acquire a finite set of query IDs, it becomes possible\r\nto accurately predict future query IDs. Future query ID prediction may\r\nallow an attacker to conduct a DNS cache poisoning attack, which can result\r\nin the DNS server returning incorrect client query data. (CVE-2007-2926)\r\n\r\nUsers of BIND are advised to upgrade to these updated packages, which\r\ncontain backported patches to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026115.html\n\n**Affected packages:**\nbind\nbind-devel\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 3, "modified": "2007-07-25T01:16:51", "published": "2007-07-25T01:16:51", "href": "http://lists.centos.org/pipermail/centos-announce/2007-July/026115.html", "id": "CESA-2007:0740-01", "title": "bind security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:23", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "A flaw was discovered in Bind's sequence number generator. A remote \nattacker could calculate future sequence numbers and send forged DNS \nquery responses. This could lead to client connections being directed \nto attacker-controlled hosts, resulting in credential theft and other \nattacks.", "edition": 6, "modified": "2007-07-25T00:00:00", "published": "2007-07-25T00:00:00", "id": "USN-491-1", "href": "https://ubuntu.com/security/notices/USN-491-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cert": [{"lastseen": "2020-09-18T20:42:35", "bulletinFamily": "info", "cvelist": ["CVE-2007-2926"], "description": "### Overview \n\nISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches.\n\n### Description \n\nFrom the ISC Bind [security page](<http://www.isc.org/sw/bind/bind-security.php>):\n\n_The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker. \n \nThis bug only affects outgoing queries, generated by BIND 9 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFYs to slave name servers. \n \nAll users are encouraged to upgrade._ \n \n--- \n \n### Impact \n\nA remote attacker could predict DNS query IDs and respond with arbitrary answers, thus poisoning DNS caches. \n \n--- \n \n### Solution \n\n**Upgrade or Patch**\n\n \nThis issue is addressed in ISC BIND 9.2.8-P1, BIND 9.3.4-P1, BIND 9.4.1-P1 or BIND 9.5.0a6. Users who obtain BIND from their operating system vendor should see the systems affected portion of this document for a partial list of affected vendors. \n \n--- \n \n### Vendor Information\n\n252735\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux __ Affected\n\nNotified: July 26, 2007 Updated: July 30, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThe Debian project has fixed this vulnerability in its stable distribution Debian GNU/Linux 4.0 in version 9.3.4-2etch1 of bind9 and in its old stable distribution Debian GNU/Linux 3.1 in version 9.2.4-1sarge3 of bind9 via Debian Security Advisory 1341 as in \n\n<<http://www.debian.org/security/2007/dsa-1341>>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSee <http://www.debian.org/security/2007/dsa-1341> for more details.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252735 Feedback>).\n\n### Fujitsu Affected\n\nNotified: July 26, 2007 Updated: October 01, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Internet Software Consortium __ Affected\n\nUpdated: July 27, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSee <http://www.isc.org/sw/bind/bind-security.php> for more details.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252735 Feedback>).\n\n### Openwall GNU/*/Linux __ Affected\n\nNotified: July 26, 2007 Updated: August 08, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThis weakness has been corrected for Openwall GNU/*/Linux (Owl) 2.0-stable and Owl-current as of 2007/07/30 by updating the BIND package to version 9.3.4-P1.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Red Hat, Inc. __ Affected\n\nNotified: July 26, 2007 Updated: July 28, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThis issue affected the Bind package as shipped with Red Hat Enterprise Linux 2.1, 4, 4, and 5. Updated packages to correct this issue are available along with our advisories at the URLs below and via Red Hat Network.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### SUSE Linux __ Affected\n\nNotified: July 26, 2007 Updated: August 03, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSUSE is affected by VU#252735 (CVE-2007-2926) and has released updates for it. Our advisory is at:\n\n<http://www.novell.com/linux/security/advisories/2007_47_bind.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sun Microsystems, Inc. __ Affected\n\nNotified: July 26, 2007 Updated: August 03, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSolaris 10 is affected by this issue. Sun has published Sun Alert 103018 for this issue which is available here:\n\n<http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ubuntu __ Affected\n\nNotified: July 26, 2007 Updated: August 06, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSee <http://www.ubuntu.com/usn/usn-491-1> for more details.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252735 Feedback>).\n\n### EMC Corporation Not Affected\n\nNotified: July 26, 2007 Updated: July 30, 2007 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Hitachi Not Affected\n\nNotified: July 26, 2007 Updated: July 30, 2007 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Apple Computer, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### F5 Networks, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### FreeBSD, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Immunix Communications, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ingrian Networks, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Juniper Networks, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Mandriva, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Microsoft Corporation Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### QNX, Software Systems, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Trustix Secure Linux Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Unisys Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Wind River Systems, Inc. Unknown\n\nNotified: July 26, 2007 Updated: July 26, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\nView all 41 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.isc.org/sw/bind/bind-security.php>\n * <http://www.trusteer.com/docs/bind9dns.html>\n * <http://jvn.jp/cert/JVNVU%23252735/index.html>\n * <http://secunia.com/advisories/26195/>\n * <http://www.milw0rm.com/exploits/4266>\n * <http://docs.info.apple.com/article.html?artnum=307041>\n\n### Acknowledgements\n\nThis vulnerability was reported by ISC who credit Amit Klein from Trusteer.\n\nThis document was written by Ryan Giobbi.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2007-2926](<http://web.nvd.nist.gov/vuln/detail/CVE-2007-2926>) \n---|--- \n**Severity Metric:** | 3.83 \n**Date Public:** | 2007-07-24 \n**Date First Published:** | 2007-07-27 \n**Date Last Updated: ** | 2008-08-06 13:02 UTC \n**Document Revision: ** | 27 \n", "modified": "2008-08-06T13:02:00", "published": "2007-07-27T00:00:00", "id": "VU:252735", "href": "https://www.kb.cert.org/vuls/id/252735", "type": "cert", "title": "ISC BIND generates cryptographically weak DNS query IDs", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "suse": [{"lastseen": "2016-09-04T12:16:05", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "Amit Klein found that the random number generator used by the BIND name server to compute DNS query IDs generates predictable values. Remote attackers could exploit this flaw to conduct DNS cache poisoning attacks (CVE-2007-2926).\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2007-08-01T16:07:35", "published": "2007-08-01T16:07:35", "id": "SUSE-SA:2007:047", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-08/msg00000.html", "type": "suse", "title": "DNS cache poisoning in bind, bind9", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:03", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": " [9.2.4-27.0.1.el4]\n - fixed cryptographically weak query id generator (CVE-2007-2926) ", "edition": 4, "modified": "2007-07-24T00:00:00", "published": "2007-07-24T00:00:00", "id": "ELSA-2007-0740", "href": "http://linux.oracle.com/errata/ELSA-2007-0740.html", "title": "Moderate: bind security update ", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:33", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "\nProblem Description:\nWhen named(8) is operating as a recursive DNS server or\n\t sending NOTIFY requests to slave DNS servers, named(8)\n\t uses a predictable query id.\nImpact:\nAn attacker who can see the query id for some request(s)\n\t sent by named(8) is likely to be able to perform DNS cache\n\t poisoning by predicting the query id for other request(s).\nWorkaround:\nNo workaround is available.\n", "edition": 4, "modified": "2016-08-09T00:00:00", "published": "2007-07-24T00:00:00", "id": "3DE342FB-40BE-11DC-AEAC-02E0185F8D72", "href": "https://vuxml.freebsd.org/freebsd/3de342fb-40be-11dc-aeac-02e0185f8d72.html", "title": "FreeBSD -- Predictable query ids in named(8)", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-06T09:44:49", "description": "This update provides fixed packages for the oldstable distribution\n(sarge). For reference the original advisory text :\n\n Amit Klein discovered that the BIND name server generates\n predictable DNS query IDs, which may lead to cache poisoning\n attacks.", "edition": 26, "published": "2007-08-13T00:00:00", "title": "Debian DSA-1341-2 : bind9 - design error", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-08-13T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:bind9"], "id": "DEBIAN_DSA-1341.NASL", "href": "https://www.tenable.com/plugins/nessus/25851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1341. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25851);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-2926\");\n script_xref(name:\"DSA\", value:\"1341\");\n\n script_name(english:\"Debian DSA-1341-2 : bind9 - design error\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides fixed packages for the oldstable distribution\n(sarge). For reference the original advisory text :\n\n Amit Klein discovered that the BIND name server generates\n predictable DNS query IDs, which may lead to cache poisoning\n attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1341\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the BIND packages.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 9.2.4-1sarge3. An update for mips, powerpc and hppa is not yet\navailable, they will be released soon.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 9.3.4-2etch1. An update for mips is not yet available, it will\nbe released soon.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"bind9\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"bind9-doc\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"bind9-host\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dnsutils\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libbind-dev\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libdns16\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libisc7\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libisccc0\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libisccfg0\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"liblwres1\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lwresd\", reference:\"9.2.4-1sarge3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"bind9\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"bind9-doc\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"bind9-host\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dnsutils\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libbind-dev\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libbind9-0\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libdns22\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libisc11\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libisccc0\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libisccfg1\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"liblwres9\", reference:\"9.3.4-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"lwresd\", reference:\"9.3.4-2etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:43:20", "description": "The bind nameserver generated predicatable DNS query IDs. Remote\nattackers could use that to perform DNS poisoning attacks\n(CVE-2007-2926).", "edition": 24, "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : bind (bind-3964)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-10-17T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:bind-utils", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:bind"], "id": "SUSE_BIND-3964.NASL", "href": "https://www.tenable.com/plugins/nessus/27168", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-3964.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27168);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2926\");\n\n script_name(english:\"openSUSE 10 Security Update : bind (bind-3964)\");\n script_summary(english:\"Check for the bind-3964 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The bind nameserver generated predicatable DNS query IDs. Remote\nattackers could use that to perform DNS poisoning attacks\n(CVE-2007-2926).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"bind-9.3.2-17.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"bind-libs-9.3.2-17.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"bind-utils-9.3.2-17.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.3.2-17.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"bind-9.3.2-56.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"bind-libs-9.3.2-56.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"bind-utils-9.3.2-56.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.3.2-56.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-libs / bind-libs-32bit / bind-utils\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T13:43:45", "description": "A flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : bind on SL5.x, SL4.x, SL3.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20070724_BIND_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60231", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60231);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2926\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL5.x, SL4.x, SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0707&L=scientific-linux-errata&T=0&P=1166\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bab5ad38\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"bind-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"bind-chroot-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"bind-devel-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"bind-libs-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"bind-utils-9.2.4-21.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"bind-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-chroot-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-devel-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-libs-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-utils-9.2.4-27.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"bind-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-chroot-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-devel-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libbind-devel-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libs-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-sdb-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-utils-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"caching-nameserver-9.3.3-9.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T12:44:01", "description": "From Red Hat Security Advisory 2007:0740 :\n\nUpdated bind packages that fix a security issue are now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the\nDNS (Domain Name System) protocols.\n\nA flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\n\nUsers of BIND are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : bind (ELSA-2007-0740)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:caching-nameserver", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:bind-libs", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:bind-libbind-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2007-0740.NASL", "href": "https://www.tenable.com/plugins/nessus/67554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0740 and \n# Oracle Linux Security Advisory ELSA-2007-0740 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67554);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2926\");\n script_bugtraq_id(25037);\n script_xref(name:\"RHSA\", value:\"2007:0740\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : bind (ELSA-2007-0740)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0740 :\n\nUpdated bind packages that fix a security issue are now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the\nDNS (Domain Name System) protocols.\n\nA flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\n\nUsers of BIND are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000278.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000279.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000280.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"bind-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"bind-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"bind-chroot-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"bind-chroot-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"bind-devel-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"bind-devel-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"bind-libs-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"bind-libs-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"bind-utils-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"bind-utils-9.2.4-21.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"bind-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"bind-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"bind-chroot-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"bind-chroot-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"bind-devel-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"bind-devel-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"bind-libs-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"bind-libs-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"bind-utils-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"bind-utils-9.2.4-27.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"bind-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-chroot-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-devel-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libbind-devel-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libs-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-sdb-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-utils-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"caching-nameserver-9.3.3-9.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T13:05:52", "description": "Updated bind packages that fix a security issue are now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the\nDNS (Domain Name System) protocols.\n\nA flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\n\nUsers of BIND are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue.", "edition": 27, "published": "2007-07-27T00:00:00", "title": "RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2007:0740)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-07-27T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:caching-nameserver", "p-cpe:/a:redhat:enterprise_linux:bind-libbind-devel", "cpe:/o:redhat:enterprise_linux:4.5", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-sdb"], "id": "REDHAT-RHSA-2007-0740.NASL", "href": "https://www.tenable.com/plugins/nessus/25797", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0740. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25797);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2926\");\n script_bugtraq_id(25037);\n script_xref(name:\"RHSA\", value:\"2007:0740\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2007:0740)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix a security issue are now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the\nDNS (Domain Name System) protocols.\n\nA flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\n\nUsers of BIND are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0740\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0740\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"bind-9.2.1-9.el2\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"bind-devel-9.2.1-9.el2\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"bind-utils-9.2.1-9.el2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL3\", reference:\"bind-9.2.4-21.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"bind-chroot-9.2.4-21.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"bind-devel-9.2.4-21.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"bind-libs-9.2.4-21.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"bind-utils-9.2.4-21.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-9.2.4-27.0.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-chroot-9.2.4-27.0.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-devel-9.2.4-27.0.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-libs-9.2.4-27.0.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-utils-9.2.4-27.0.1.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-chroot-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-chroot-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-chroot-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind-devel-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind-libbind-devel-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"bind-libs-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-sdb-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-sdb-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-sdb-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-utils-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-utils-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-utils-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"caching-nameserver-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"caching-nameserver-9.3.3-9.0.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"caching-nameserver-9.3.3-9.0.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:43:20", "description": "The bind nameserver generated predicatable DNS query IDs. Remote\nattackers could use that to perform DNS poisoning attacks.\n(CVE-2007-2926)", "edition": 23, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : bind,bind-devel,bind-utils (ZYPP Patch Number 3976)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_BIND-3976.NASL", "href": "https://www.tenable.com/plugins/nessus/29388", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29388);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2926\");\n\n script_name(english:\"SuSE 10 Security Update : bind,bind-devel,bind-utils (ZYPP Patch Number 3976)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The bind nameserver generated predicatable DNS query IDs. Remote\nattackers could use that to perform DNS poisoning attacks.\n(CVE-2007-2926)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2926.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 3976.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"bind-libs-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"bind-utils-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"bind-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"bind-devel-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"bind-libs-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"bind-utils-9.3.4-1.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"bind-libs-32bit-9.3.4-1.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:02:13", "description": " - CVE-2007-2926, cryptographically weak query ids [RT\n #16915]. Applied fix extracted from 9.2.8-P1 version.\n\n - version update to 9.3.x because ISC will no longer\n maintain version 9.2.x", "edition": 23, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : SLES9-SP4: Security update for bind (YOU Patch Number 11717)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_11717.NASL", "href": "https://www.tenable.com/plugins/nessus/41147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41147);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2926\");\n\n script_name(english:\"SuSE9 Security Update : SLES9-SP4: Security update for bind (YOU Patch Number 11717)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2007-2926, cryptographically weak query ids [RT\n #16915]. Applied fix extracted from 9.2.8-P1 version.\n\n - version update to 9.3.x because ISC will no longer\n maintain version 9.2.x\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2926.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 11717.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"bind-9.3.4-4.4\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"bind-devel-9.3.4-4.4\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"bind-utils-9.3.4-4.4\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"bind-utils-32bit-9-200708091324\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:06:15", "description": " - CVE-2007-2926 - cryptographically weak query id\n generator\n\n - 1 in 8 chance of guessing the next query id for 50% of\n the query ids\n\n - allows cache-poisoning type of attack, no workaround,\n affect only outgoing queries\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "published": "2007-07-27T00:00:00", "title": "Fedora Core 6 : bind-9.3.4-7.P1.fc6 (2007-647)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-07-27T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind-libbind-devel", "cpe:/o:fedoraproject:fedora_core:6", "p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:caching-nameserver", "p-cpe:/a:fedoraproject:fedora:bind-utils", "p-cpe:/a:fedoraproject:fedora:bind-sdb", "p-cpe:/a:fedoraproject:fedora:bind-debuginfo", "p-cpe:/a:fedoraproject:fedora:bind-libs", "p-cpe:/a:fedoraproject:fedora:bind-chroot", "p-cpe:/a:fedoraproject:fedora:bind-devel"], "id": "FEDORA_2007-647.NASL", "href": "https://www.tenable.com/plugins/nessus/25783", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-647.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25783);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2007-647\");\n\n script_name(english:\"Fedora Core 6 : bind-9.3.4-7.P1.fc6 (2007-647)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2007-2926 - cryptographically weak query id\n generator\n\n - 1 in 8 chance of guessing the next query id for 50% of\n the query ids\n\n - allows cache-poisoning type of attack, no workaround,\n affect only outgoing queries\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-July/002943.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ef22d12b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"bind-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-chroot-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-debuginfo-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-devel-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-libbind-devel-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-libs-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-sdb-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"bind-utils-9.3.4-7.P1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"caching-nameserver-9.3.4-7.P1.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:25:11", "description": "Updated bind packages that fix a security issue are now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the\nDNS (Domain Name System) protocols.\n\nA flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\n\nUsers of BIND are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue.", "edition": 26, "published": "2007-07-27T00:00:00", "title": "CentOS 3 / 4 / 5 : bind (CESA-2007:0740)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-07-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-devel", "p-cpe:/a:centos:centos:caching-nameserver", "p-cpe:/a:centos:centos:bind-sdb", "p-cpe:/a:centos:centos:bind-utils", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-chroot", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:bind-libbind-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2007-0740.NASL", "href": "https://www.tenable.com/plugins/nessus/25778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0740 and \n# CentOS Errata and Security Advisory 2007:0740 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25778);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-2926\");\n script_bugtraq_id(25037);\n script_xref(name:\"RHSA\", value:\"2007:0740\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : bind (CESA-2007:0740)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix a security issue are now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nISC BIND (Berkeley Internet Name Domain) is an implementation of the\nDNS (Domain Name System) protocols.\n\nA flaw was found in the way BIND generates outbound DNS query ids. If\nan attacker is able to acquire a finite set of query IDs, it becomes\npossible to accurately predict future query IDs. Future query ID\nprediction may allow an attacker to conduct a DNS cache poisoning\nattack, which can result in the DNS server returning incorrect client\nquery data. (CVE-2007-2926)\n\nUsers of BIND are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014073.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?540b9401\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014074.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b847f63\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014075.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cc652c10\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014076.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?56be2726\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014078.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29385fec\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014079.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ac7be649\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014080.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73f3de8b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-July/014081.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e36de79\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"bind-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"bind-chroot-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"bind-devel-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"bind-libs-9.2.4-21.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"bind-utils-9.2.4-21.el3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"bind-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"bind-chroot-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"bind-devel-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"bind-libs-9.2.4-27.0.1.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"bind-utils-9.2.4-27.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-chroot-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-devel-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libbind-devel-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libs-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-sdb-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-utils-9.3.3-9.0.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"caching-nameserver-9.3.3-9.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-20T15:44:00", "description": "A flaw was discovered in Bind's sequence number generator. A remote\nattacker could calculate future sequence numbers and send forged DNS\nquery responses. This could lead to client connections being directed\nto attacker-controlled hosts, resulting in credential theft and other\nattacks.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : bind9 vulnerability (USN-491-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "modified": "2007-11-10T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libdns21", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:libbind-dev", "p-cpe:/a:canonical:ubuntu_linux:bind9-host", "p-cpe:/a:canonical:ubuntu_linux:bind9", "p-cpe:/a:canonical:ubuntu_linux:libisc11", "p-cpe:/a:canonical:ubuntu_linux:bind9-doc", "p-cpe:/a:canonical:ubuntu_linux:lwresd", "p-cpe:/a:canonical:ubuntu_linux:dnsutils", "p-cpe:/a:canonical:ubuntu_linux:libisccc0", "p-cpe:/a:canonical:ubuntu_linux:libbind9-0", "p-cpe:/a:canonical:ubuntu_linux:libisccfg1", "cpe:/o:canonical:ubuntu_linux:7.04", "p-cpe:/a:canonical:ubuntu_linux:liblwres9", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libdns22"], "id": "UBUNTU_USN-491-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-491-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28093);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-2926\");\n script_xref(name:\"USN\", value:\"491-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : bind9 vulnerability (USN-491-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in Bind's sequence number generator. A remote\nattacker could calculate future sequence numbers and send forged DNS\nquery responses. This could lead to client connections being directed\nto attacker-controlled hosts, resulting in credential theft and other\nattacks.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/491-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9-doc\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9-host\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dnsutils\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libbind-dev\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libbind9-0\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libdns21\", pkgver:\"1:9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisc11\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisccc0\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisccfg1\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"liblwres9\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"lwresd\", pkgver:\"9.3.2-2ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"bind9\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"bind9-doc\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"bind9-host\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dnsutils\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libbind-dev\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libbind9-0\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libdns21\", pkgver:\"1:9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libisc11\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libisccc0\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libisccfg1\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"liblwres9\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"lwresd\", pkgver:\"9.3.2-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"bind9\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"bind9-doc\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"bind9-host\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dnsutils\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libbind-dev\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libbind9-0\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libdns22\", pkgver:\"1:9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libisc11\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libisccc0\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libisccfg1\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"liblwres9\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"lwresd\", pkgver:\"9.3.4-2ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind9 / bind9-doc / bind9-host / dnsutils / libbind-dev / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2926"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2007-07-26T15:35:49", "published": "2007-07-26T15:35:49", "id": "FEDORA:L6QFZNNT017703", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: bind-9.3.4-7.P1.fc6", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2241", "CVE-2007-2925", "CVE-2007-2926"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2007-07-25T05:15:35", "published": "2007-07-25T05:15:35", "id": "FEDORA:L6P5FXB6014086", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: bind-9.4.1-7.P1.fc7", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2241", "CVE-2007-2925", "CVE-2007-2926", "CVE-2007-6283"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2007-12-20T20:14:27", "published": "2007-12-20T20:14:27", "id": "FEDORA:LBKKE3US027294", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: bind-9.4.2-2.fc7", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2241", "CVE-2007-2925", "CVE-2007-2926", "CVE-2007-6283", "CVE-2008-0122"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2008-01-22T16:01:40", "published": "2008-01-22T16:01:40", "id": "FEDORA:M0MG2IGT000424", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: bind-9.4.2-3.fc7", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-12-08T11:44:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-07:07.bind.asc", "modified": "2017-12-07T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:58512", "href": "http://plugins.openvas.org/nasl.php?oid=58512", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-07:07.bind.asc)", "sourceData": "#\n#ADV FreeBSD-SA-07:07.bind.asc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n#\n\ntag_insight = \"BIND 9 is an implementation of the Domain Name System (DNS) protocols.\nThe named(8) daemon is an Internet Domain Name Server. DNS requests\ncontain a query id which is used match a DNS request with the response\nand to make it harder for anybody but the DNS server which received the\nrequest to send a valid response.\n\nWhen named(8) is operating as a recursive DNS server or sending NOTIFY\nrequests to slave DNS servers, named(8) uses a predictable query id.\";\ntag_solution = \"Upgrade your system to the appropriate stable release\nor security branch dated after the correction date\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-07:07.bind.asc\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-07:07.bind.asc\";\n\n \nif(description)\n{\n script_id(58512);\n script_version(\"$Revision: 8023 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-2926\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n name = \"FreeBSD Security Advisory (FreeBSD-SA-07:07.bind.asc)\";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n family = \"FreeBSD Local Security Checks\";\n script_family(family);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdpatchlevel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\nif(patchlevelcmp(rel:\"6.2\", patchlevel:\"7\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"6.1\", patchlevel:\"19\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"5.5\", patchlevel:\"15\")<0) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-04T11:29:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-491-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840177", "href": "http://plugins.openvas.org/nasl.php?oid=840177", "type": "openvas", "title": "Ubuntu Update for bind9 vulnerability USN-491-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_491_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for bind9 vulnerability USN-491-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was discovered in Bind's sequence number generator. A remote\n attacker could calculate future sequence numbers and send forged DNS\n query responses. This could lead to client connections being directed\n to attacker-controlled hosts, resulting in credential theft and other\n attacks.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-491-1\";\ntag_affected = \"bind9 vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-491-1/\");\n script_id(840177);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:55:18 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"USN\", value: \"491-1\");\n script_cve_id(\"CVE-2007-2926\");\n script_name( \"Ubuntu Update for bind9 vulnerability USN-491-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-0\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns22\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc11\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc0\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg1\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres9\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.3.4-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-0\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns21\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc11\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc0\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg1\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres9\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.3.2-2ubuntu1.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-0\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns21\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc11\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc0\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg1\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres9\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.3.2-2ubuntu3.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-26T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:58816", "href": "http://plugins.openvas.org/nasl.php?oid=58816", "type": "openvas", "title": "FreeBSD Ports: named", "sourceData": "#\n#VID 3de342fb-40be-11dc-aeac-02e0185f8d72\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: named\n\n=====\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\nif(description)\n{\n script_id(58816);\n script_version(\"$Revision: 4144 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-26 07:28:56 +0200 (Mon, 26 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-2926\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"FreeBSD Ports: named\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"named\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.4\")>0 && revcomp(a:bver, b:\"9.4.1.1\")<0) {\n txt += 'Package named version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.3\")>0 && revcomp(a:bver, b:\"9.3.4.1\")<0) {\n txt += 'Package named version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:56:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "Check for the Version of BIND", "modified": "2017-07-06T00:00:00", "published": "2009-05-05T00:00:00", "id": "OPENVAS:835018", "href": "http://plugins.openvas.org/nasl.php?oid=835018", "type": "openvas", "title": "HP-UX Update for BIND HPSBUX02251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for BIND HPSBUX02251\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote DNS cache poisoning\";\ntag_affected = \"BIND on\n HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.2.0 or BIND v9.3.2\";\ntag_insight = \"A potential vulnerability has been identified with HP-UX running BIND. The \n vulnerability could be exploited remotely tocause DNS cache poisoning.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01123426-4\");\n script_id(835018);\n script_version(\"$Revision: 6584 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"HPSBUX\", value: \"02251\");\n script_cve_id(\"CVE-2007-2926\");\n script_name( \"HP-UX Update for BIND HPSBUX02251\");\n\n script_summary(\"Check for the Version of BIND\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-RUN\", revision:\"C.9.3.2.1.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS2-RUN\", patch_list:['PHNE_36973'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND2-UPGRADE\", revision:\"C.9.3.2.2.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BINDv920.INETSVCS-BIND\", revision:\"D920\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.2.0\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 1341-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:58473", "href": "http://plugins.openvas.org/nasl.php?oid=58473", "type": "openvas", "title": "Debian Security Advisory DSA 1341-1 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1341_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1341-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Amit Klein discovered that the BIND name server generates predictable\nDNS query IDs, which may lead to cache poisoning attacks.\n\nAn update for the oldstable distribution (sarge) is in preparation. It\nwill be released soon.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 9.3.4-2etch1. An update for mips is not yet available, it will\nbe released soon.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your BIND packages.\";\ntag_summary = \"The remote host is missing an update to bind9\nannounced via advisory DSA 1341-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201341-1\";\n\nif(description)\n{\n script_id(58473);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-2926\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 1341-1 (bind9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbind9-0\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdns22\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisc11\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccc0\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libisccfg1\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblwres9\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.3.4-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "Oracle Linux Local Security Checks ELSA-2007-0740", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122672", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122672", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2007-0740", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2007-0740.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122672\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:50:48 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2007-0740\");\n script_tag(name:\"insight\", value:\"ELSA-2007-0740 - Moderate: bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2007-0740\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2007-0740.html\");\n script_cve_id(\"CVE-2007-2926\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.3~9.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-12-12T11:19:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "Check for the Version of bind, bind9", "modified": "2017-12-08T00:00:00", "published": "2009-01-28T00:00:00", "id": "OPENVAS:850109", "href": "http://plugins.openvas.org/nasl.php?oid=850109", "type": "openvas", "title": "SuSE Update for bind, bind9 SUSE-SA:2007:047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2007_047.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for bind, bind9 SUSE-SA:2007:047\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"DNS cache poisoning\";\ntag_affected = \"bind, bind9 on SUSE LINUX 10.1, openSUSE 10.2, SuSE Linux Enterprise Server 8, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_insight = \"Amit Klein found that the random number generator used by the BIND\n name server to compute DNS query IDs generates predictable values.\n Remote attackers could exploit this flaw to conduct DNS cache\n poisoning attacks CVE-2007-2926.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850109);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"SUSE-SA\", value: \"2007-047\");\n script_cve_id(\"CVE-2007-2926\");\n script_name( \"SuSE Update for bind, bind9 SUSE-SA:2007:047\");\n\n script_summary(\"Check for the Version of bind, bind9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.2~56.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.2~56.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.2~56.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.3.2~56.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESSr8\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind9\", rpm:\"bind9~9.2.2~105\", rls:\"SLESSr8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind9-devel\", rpm:\"bind9-devel~9.2.2~105\", rls:\"SLESSr8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind9-utils\", rpm:\"bind9-utils~9.2.2~105\", rls:\"SLESSr8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.4~1.16\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.4~1.16\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.3.4~1.16\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.4~1.16\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.4~1.16\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.3~76.34\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.3~76.34\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.3~76.34\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.3~76.34\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.3~76.34\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.3~76.34\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.4~1.16\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.4~1.16\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.3.4~1.16\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.4~1.16\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.4~1.16\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.3~76.34\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.3~76.34\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.3~76.34\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.4~1.16\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.4~1.16\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.3.4~1.16\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.4~1.16\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.4~1.16\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.2~17.18\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.2~17.18\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.2~17.18\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.3~76.34\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.3~76.34\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.3~76.34\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:38:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n bind-devel\n bind-utils\n bind\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019202 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065512", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065512", "type": "openvas", "title": "SLES9: Security update for bind", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5019202.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for bind\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n bind-devel\n bind-utils\n bind\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019202 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65512\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-2926\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES9: Security update for bind\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.4~4.4\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:40:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "Check for the Version of BIND", "modified": "2018-04-06T00:00:00", "published": "2009-05-05T00:00:00", "id": "OPENVAS:1361412562310835018", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835018", "type": "openvas", "title": "HP-UX Update for BIND HPSBUX02251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for BIND HPSBUX02251\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote DNS cache poisoning\";\ntag_affected = \"BIND on\n HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.2.0 or BIND v9.3.2\";\ntag_insight = \"A potential vulnerability has been identified with HP-UX running BIND. The \n vulnerability could be exploited remotely tocause DNS cache poisoning.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01123426-4\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835018\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"HPSBUX\", value: \"02251\");\n script_cve_id(\"CVE-2007-2926\");\n script_name( \"HP-UX Update for BIND HPSBUX02251\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of BIND\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-RUN\", revision:\"C.9.3.2.1.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"InternetSrvcs.INETSVCS2-RUN\", patch_list:['PHNE_36973'], rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND2-UPGRADE\", revision:\"C.9.3.2.2.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BINDv920.INETSVCS-BIND\", revision:\"D920\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.2.0\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2926"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n bind-utils\n bind-devel\n bind\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015954 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065424", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065424", "type": "openvas", "title": "SLES9: Security update for bind,bind-devel,bind-utils", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5015954.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for bind,bind-devel,bind-utils\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n bind-utils\n bind-devel\n bind\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015954 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65424\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-2926\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES9: Security update for bind,bind-devel,bind-utils\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.3~76.34\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "cvelist": ["CVE-2007-2926"], "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://www.isc.org/index.pl?/sw/bind/bind-security.php)\n[Vendor Specific Advisory URL](http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426)\n[Secunia Advisory ID:26195](https://secuniaresearch.flexerasoftware.com/advisories/26195/)\n[Secunia Advisory ID:26148](https://secuniaresearch.flexerasoftware.com/advisories/26148/)\n[Secunia Advisory ID:26236](https://secuniaresearch.flexerasoftware.com/advisories/26236/)\n[Secunia Advisory ID:26217](https://secuniaresearch.flexerasoftware.com/advisories/26217/)\n[Secunia Advisory ID:26330](https://secuniaresearch.flexerasoftware.com/advisories/26330/)\n[Secunia Advisory ID:26607](https://secuniaresearch.flexerasoftware.com/advisories/26607/)\n[Secunia Advisory ID:26231](https://secuniaresearch.flexerasoftware.com/advisories/26231/)\n[Secunia Advisory ID:26227](https://secuniaresearch.flexerasoftware.com/advisories/26227/)\n[Secunia Advisory ID:26509](https://secuniaresearch.flexerasoftware.com/advisories/26509/)\n[Secunia Advisory ID:26180](https://secuniaresearch.flexerasoftware.com/advisories/26180/)\n[Secunia Advisory ID:26308](https://secuniaresearch.flexerasoftware.com/advisories/26308/)\n[Secunia Advisory ID:26847](https://secuniaresearch.flexerasoftware.com/advisories/26847/)\n[Secunia Advisory ID:26152](https://secuniaresearch.flexerasoftware.com/advisories/26152/)\n[Secunia Advisory ID:26261](https://secuniaresearch.flexerasoftware.com/advisories/26261/)\n[Secunia Advisory ID:26160](https://secuniaresearch.flexerasoftware.com/advisories/26160/)\n[Secunia Advisory ID:26925](https://secuniaresearch.flexerasoftware.com/advisories/26925/)\nRedHat RHSA: RHSA-2007:0740\nOther Advisory URL: http://www.trusteer.com/docs/bind9dns_s.html\nOther Advisory URL: http://www.ubuntu.com/usn/usn-491-1\nOther Advisory URL: http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-July/000217.html\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:149\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00102.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc\nOther Advisory URL: http://www.trustix.org/errata/2007/0023/\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2007_47_bind.html\nOther Advisory URL: http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm\nOther Advisory URL: https://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c01174368\nKeyword: DNS forgery pharming\n[CVE-2007-2926](https://vulners.com/cve/CVE-2007-2926)\n", "edition": 1, "modified": "2007-07-24T17:21:39", "published": "2007-07-24T17:21:39", "href": "https://vulners.com/osvdb/OSVDB:36235", "id": "OSVDB:36235", "title": "ISC BIND Predictable DNS Query IDs Cache Poisoning", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "slackware": [{"lastseen": "2020-10-25T16:36:10", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2925", "CVE-2007-2926"], "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, and 12.0 to fix security issues.\n\nThe first issue which allows remote attackers to make recursive queries only\naffects Slackware 12.0. More details about this issue may be found in the\nCommon Vulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925\n\nThe second issue is the discovery that BIND9's query IDs are cryptographically\nweak. This issue affects the versions of BIND9 in all supported Slackware\nversions. More details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926\n\n\nHere are the details from the Slackware 12.0 ChangeLog:\n\npatches/packages/bind-9.4.1_P1-i486-1_slack12.0.tgz:\n Upgraded to bind-9.4.1_P1 to fix security issues.\n The default access control lists allow remote attackers to make recursive\n queries in BIND9 versions 9.4.0 through 9.4.1.\n The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak.\n For more information on these issues, see:\n http://www.isc.org/index.pl?/sw/bind/bind-security.php\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\nfrom ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.2.8_P1-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.2.8_P1-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.2.8_P1-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.2.8_P1-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.3.4_P1-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.3.4_P1-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.3.4_P1-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4.1_P1-i486-1_slack12.0.tgz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\n4c4416bf01018b5930f8eb4250bb6bb4 bind-9.2.8_P1-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\n60690cd64a251807a8582b0e904772bd bind-9.2.8_P1-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\n6769219553630a1ee75cf7b7021c9168 bind-9.2.8_P1-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n7f8d1ad2360a9f0ccb38a9c8d83ad8d8 bind-9.2.8_P1-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n39a4665d83754377d5be50a739100ad1 bind-9.3.4_P1-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\nf6c0d70a75b3a88c2972e359db895f72 bind-9.3.4_P1-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\ne830092ede1eedbcd54e85c370d8b621 bind-9.3.4_P1-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n8bea2625ec5d0b04afaf12297474684e bind-9.4.1_P1-i486-1_slack12.0.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.4.1_P1-i486-1_slack12.0.tgz \n\nThen, restart the nameserver:\n > /etc/rc.d/rc.bind restart", "modified": "2007-07-26T22:15:41", "published": "2007-07-26T22:15:41", "id": "SSA-2007-207-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:20", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2925", "CVE-2007-2926"], "description": "### Background\n\nISC BIND is the Internet Systems Consortium implementation of the Domain Name System (DNS) protocol. \n\n### Description\n\nAmit Klein from Trusteer reported that the random number generator of ISC BIND leads, half the time, to predictable (1 chance to 8) query IDs in the resolver routine or in zone transfer queries (CVE-2007-2926). Additionally, the default configuration file has been strengthen with respect to the allow-recursion{} and the allow-query{} options (CVE-2007-2925). \n\n### Impact\n\nA remote attacker can use this weakness by sending queries for a domain he handles to a resolver (directly to a recursive server, or through another process like an email processing) and then observing the resulting IDs of the iterative queries. The attacker will half the time be able to guess the next query ID, then perform cache poisoning by answering with those guessed IDs, while spoofing the UDP source address of the reply. Furthermore, with empty allow-recursion{} and allow-query{} options, the default configuration allowed anybody to make recursive queries and query the cache. \n\n### Workaround\n\nThere is no known workaround at this time for the random generator weakness. The allow-recursion{} and allow-query{} options should be set to trusted hosts only in /etc/bind/named.conf, thus preventing several security risks. \n\n### Resolution\n\nAll ISC BIND users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/bind-9.4.1_p1\"", "edition": 1, "modified": "2007-08-18T00:00:00", "published": "2007-08-18T00:00:00", "id": "GLSA-200708-13", "href": "https://security.gentoo.org/glsa/200708-13", "type": "gentoo", "title": "BIND: Weak random number generation", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-3826", "CVE-2007-2930", "CVE-2007-3656", "CVE-2007-2926", "CVE-2007-3819"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n###########################################################################\r\n# #\r\n# Phishing for Confirmations #\r\n# #\r\n# Certificate spoofing with subjectAltName and domain name wildcards #\r\n# #\r\n###########################################################################\r\n\r\n URL: <http://nils.toedtmann.net/pub/subjectAltName.txt>\r\n Version: 2007-11-16-07\r\n Author: Nils Toedtmann <subjectAltName-mail@nils.toedtmann.net>\r\n License: Dual Creative Commons BY-ND & BY-NC-SA (see below)\r\n\r\n\r\n Disclaimer\r\n============\r\n\r\nThis is not an advisory but a reproval. These issues have been discussed for\r\nyears now at mozilla.org. But the developers seem to underestimate or ignore\r\ntheir severeness, particularly when being combined. Additionally i found \r\n(probably not at first) that more browsers are affected.\r\n\r\n\r\n Abstract\r\n==========\r\n\r\nModern browsers accept more than one (wildcard) domain name within a X.509 \r\ncertificate, although displaying only one of them (the DN's CN) to the user.\r\nIt is essential for preventing TLS-enriched domain name spoofing to bind \r\nuser-approved certificates from unknown CAs to the presenting hostname. \r\n\r\nMozilla based browsers, Konqueror and Safari 2 fail that binding, so once a\r\nuser accepted a certificate issued by a CA unknown to the browser, he is\r\nvulnerable to certificate spoofing. \r\n\r\nTo make things worse, some browsers match generic wildcard domain names \r\nlike *.com or even *.\r\n\r\nThere's a demonstration at <http://test.eonis.net/>, check it out.\r\n\r\n\r\n Introduction\r\n==============\r\n\r\nThere were and are and will be many ways to trap browser to a false web server\r\nwith a spoofed hostname. For example DNS spoofing [1], domain name hijacking\r\n[2] or other man-in-the-middle attacks [3].\r\n\r\nDomain name authentication through X.509 certificates is an additional line of\r\ndefense against browser-external phishing attempts as the phisher cannot spoof\r\nthe TLS-handshake with the original certificate. But this defense only holds\r\nif browser and user handle certificates properly.\r\n\r\nB.t.w: Even correctly handled certificates do not protect against similar-\r\nhostname-attacks [4] or in-browser attacks like location bar manipulation [5].\r\n\r\n\r\n subjectAltName\r\n================\r\n\r\nThe X.509 standard [6] defines the certificate extension "subjectAltName". It\r\ncan be used to supply additional information about the certificate's subject.\r\nWhen used for TLS, certificates can carry only one domain name in the \r\nsubject's DN ("distinguished name") field CN ("common name"), so additional \r\ndomain names are stored as subjectAltName:dNSName. (Some implementations\r\naccept more than one CN in a DN, but that's uncommon.)\r\n\r\nModern browsers respect this. They consider a X.509 certificate valid for \r\na web server only if the CN part of the certificate's subject DN *or* one of \r\nthe subjectAltName:dNSName extensions matches the web server's hostname \r\n(Some browsers ignore the CN if a subjectAltName:dNSName is present). As long\r\nas the TLS extension "server name indication" (SNI) [7] is not widely adopted\r\nby clients and servers, this is a useful method for virtual HTTPS hosting.\r\n\r\nIf a HTTPS-server presents a certificate during the TLS handshake but its \r\nissuer is not in the browser's list of accredited trustworthy CAs, the browser\r\nraises a warning. The user may decide to accept the certificate (temporarily \r\nor permanently by installing it into the browser's certificate storage) and\r\nto proceed.\r\n\r\nUnfortunately, no major browser displays existing subjectAltName:dNSName fields\r\nin the standard certificate view dialog, although subjectAltName:dNSName has \r\nbecome equivalent to the displayed subject's CN. The user has do dive deeply\r\ninto the "certificate details" to detect bogus subjectAltNames.\r\n\r\nWhen a second (virtual) HTTPS-server (different hostname, same or different IP\r\naddress) presents the same certificate, the browser SHOULD raise the "unknown\r\nissuer" warning again, even if the hostname matches one of the certified\r\ndomain names. If the browser fails in binding user-approved certificates to the\r\noriginating hostname the user won't notice certificate spoofing. Unfortunately,\r\nRFC 2818 (HTTPS) [8] does not cover this case.\r\n\r\n\r\n Domain name wildcards\r\n=======================\r\n\r\nSubject's CN and subjectAltName may be wildcard domain names like \r\n*.example.com. Wildcard matching is not specified in RFC 3280 but RFC 2818:\r\n\r\n "Names may contain the wildcard\r\n character * which is considered to match any single domain name\r\n component or component fragment. E.g., *.a.com matches foo.a.com but\r\n not bar.foo.a.com. f*.com matches foo.com but not bar.com."\r\n\r\nSo "loose matching" like www.test.example.com=*.example.com or \r\nwww.example.com=*.com or example.com=* violates RFC 2818.\r\n\r\nAnd though standard compliant, matching "generic wildcards" like top- or \r\nsecond-level wildcards (museum.=*, example.com=*.com) or third-level wildcards\r\nwithin generic SLDs (example.co.uk=*.co.uk) should be considered bad practice.\r\n\r\n\r\n Accepting certificates permanently\r\n====================================\r\n\r\nIf a user visits a HTTPS server with a unknown-issuer-cert regularly, she may\r\nwish to avoid the "unknown issuer" warning. A browser SHOULD offer the option \r\nto store the web server's certificate permanently. Both alternatives - \r\naccepting the cert on each connect temporarily or storing and trusting the \r\nparent CA certificate permanently - are less secure. The former does not \r\nprotect against certificate spoofing on subsequent connects, the latter also \r\ntrusts all other certificates issued by that CA.\r\n\r\nOf course the web server's certificate should be bound to it's hostname again.\r\n\r\n\r\n The real world: results by bug\r\n================================\r\n\r\n * [loose-wildcard-match]\r\n Matching the wildcard "*" with the dot (which is a violation of standards)\r\n and/or matching SLD and TLD wildcards is a minor security issue, but it\r\n aggravates the next two.\r\n\r\n Results: Mozilla based browsers, Safari 2 and Opera suffer from it. All\r\n major browsers match wildcards in generic SLDs like "*.co.uk".\r\n\r\n\r\n * [subjectAltName-not-shown]\r\n Not displaying existing subjectAltNames in the standard certificate view\r\n is - alone - a slight security issue. But it worsens the next one as the\r\n user has almost no chance to notice a spoofing attempt.\r\n\r\n Results: All tested browsers suffer from this.\r\n\r\n\r\n * [no-cert-name-binding]\r\n Not binding user-approved certificates to the originating hostname is a\r\n major bug which enables certificate spoofing. Results:\r\n\r\n Results: Browsers based on Mozilla <=1.9a8, Konqueror, and Safari 2 are\r\n affected.\r\n \r\n\r\n * [servercert-storage]\r\n Lacking this feature is not a bug but leads to less secure certificate\r\n handling. Results:\r\n\r\n Opera cannot store web server certificates. MSIE and Safari can, but that\r\n does not eliminate the "unknown issuer" warnings.\r\n \r\n This time the points go to Mozilla & Konqueror, at least ;)\r\n\r\n\r\n Results by browser\r\n====================\r\n\r\n * Mozilla based\r\n\r\n loose-wildcard-match: Affected [9, #159483 from 07/2002]\r\n subjectAltName-not-shown: Affected [9, #238142 from 03/2004]\r\n no-cert-name-binding: AFFECTED! (>=1.9 not) [9, #240261 from 04/2004]\r\n servercert-storage: Yes\r\n\r\n Note: Mozilla 1.9 (>= M9) incorporates a new, sophisticated version of its\r\n certificate manager "Personal Security Manager" (PSM) which binds certs to\r\n hostnames. Upcoming Firefox 3 will be based on this.\r\n\r\n Vendor status: #402347 filed on 2007/11/03, declared DUPE of #240261 \r\n (filed 2004/04/11), fixed in Mozilla-1.9/Firefox-3 [#327181], declared\r\n WONTFIX for Mozilla-1.8/Firefox-2 [#402347 comment #4].\r\n\r\n * Firefox 2.0.0.8 (FreeBSD, Linux), 2.0.0.9 (Win32)\r\n * Firefox 3.0 Alpha (3.0a8/Linux, 3.0a7/Win32)\r\n * Minefield 3.0a9pre (Windows) (not affected by [no-cert-name-binding])\r\n * Iceweasel 2.0.0.7\r\n * IceApe 1.1.5\r\n * Netscape 9.0 (Win32)\r\n * SeaMonkey 1.1.5 (Win32)\r\n * Epiphany 2.18.1\r\n * K-Meleon 1.12\r\n\r\n\r\n * Konqueror\r\n\r\n loose-wildcard-match: - (but matches wildcards in generic SLDs)\r\n subjectAltName-not-shown: Affected\r\n no-cert-name-binding: AFFECTED!\r\n servercert-storage: Yes\r\n\r\n Note: Konqueror does not show any certificate extension (like \r\n subjectAltName), not even in the details.\r\n\r\n Vendor status: Bug report sent to <security@kde.org> on 2007/11/06,\r\n issue under investigation at kde.org.\r\n\r\n * Konqueror 3.5.5 [ToDo: 3.5.8], 3.95.00 (=4.0 Beta4)\r\n\r\n\r\n * Safari\r\n\r\n loose-wildcard-match: - [ToDo: S3/MacOS] [Safari2: Affected]\r\n subjectAltName-not-shown: Affected\r\n no-cert-name-binding: - [Safari2: AFFECTED!]\r\n servercert-storage: See note\r\n\r\n Note: Safari actually can store webserver certs, but without trusting\r\n the parent CA cert that does not eliminate "unknown issuer" warnings.\r\n\r\n Safari 3 Public Beta for Windows has no own certificate storage but uses\r\n Windows' certificate list and validation mechs, so see MSIE instead.\r\n\r\n Vendor status: Reply from the Apple Product Security team: "There is no\r\n plan to address this in Safari 2. Safari 3 is recommended for all Safari 2\r\n users and is available as a free upgrade as part of 10.4.11."\r\n \r\n * Safari 2.0.4 (MacOS 10.4.10/WebKit 419.3)\r\n * Safari 3.0.4 (MacOS 10.4.11/WebKit 523.12, MacOS 10.5/WebKit 523.10.3)\r\n * Safari Public Beta for Windows 3.0.4 (Win32/WebKit 523.12.9)\r\n\r\n\r\n * Opera\r\n\r\n loose-wildcard-match: Affected\r\n subjectAltName-not-shown: Affected\r\n no-cert-name-binding: -\r\n servercert-storage: Missing\r\n\r\n Note: Opera has no option to install a web server certificate but makes\r\n installing the parent CA cert very easy (2 clicks). This misleads users\r\n annoyed by warnings to do so.\r\n\r\n * Opera 9.0.23 (Linux)\r\n * Opera 9.0.24 (Win32)\r\n\r\n\r\n * MSIE\r\n \r\n loose-wildcard-match: - (but matches wildcards in generic SLDs)\r\n subjectAltName-not-shown: Affected\r\n no-cert-name-binding: -\r\n servercert-storage: Missing (see note #1)\r\n\r\n Note 1: MSIE can actually store web server certificates, but without \r\n trusting the parent CA cert that does not eliminate "unknown issuer"\r\n warnings.\r\n\r\n Note 2: If there is a problem with the web server's certificate, MSIE7\r\n just says that "there is some problem". If you want to view the cert, or\r\n to know the nature of the problem (maybe the cert just expired?) you have\r\n to proceed. When you then realize that the CA is wrong, the cookie is\r\n stolen already.\r\n\r\n Note 3: Microsoft's attitude "There's a problem, but you do not need\r\n to know what kind of a problem. Abort (recommended) or proceed?" is really\r\n counterproductive and will not raise security awareness amongst users. In\r\n fact, users get trained to ignore security alerts. But that's another \r\n story...\r\n\r\n * MSIE 6.0.2900.2180 (WinXP Pro SP2)\r\n * MSIE 7.0.5730.11 (WinXP Pro SP2)\r\n * MSIE 7 (Windows Vista Ultimate) [ToDo: exact version]\r\n\r\n\r\n Sources\r\n=========\r\n\r\n[1] Recent DNS spoofing issues\r\n CVE-2007-2930: <http://www.trusteer.com/docs/bind8dns.html>\r\n CVE-2007-2926: <http://www.trusteer.com/docs/bind9dns.html>\r\n MS07-062 <http://www.microsoft.com/technet/security/bulletin/ms07-062.mspx>\r\n\r\n[2] DE-registry press releases about the hijacking of eBay.de and google.de\r\n <http://www.denic.de/en/denic/presse/press_60.html>\r\n <http://www.denic.de/de/denic/presse/press_79.html> (German)\r\n\r\n[3] dsniff <http://monkey.org/~dugsong/dsniff/>\r\n ettercap <http://ettercap.sourceforge.net/>\r\n\r\n[4] IDN homograph spoofing\r\n <http://www.shmoo.com/idn/homograph.txt>\r\n\r\n[5] Recent URL spoofing issues CVE-2007-3656, CVE-2007-3826, CVE-2007-3819\r\n <http://www.heise-security.co.uk/news/92725>\r\n\r\n[6] RFC 3280: "Internet X.509 Public Key Infrastructure"\r\n <http://www.ietf.org/rfc/rfc3280.txt>\r\n\r\n[7] RFC 3546: "Transport Layer Security (TLS) Extensions" (SNI)\r\n <http://www.ietf.org/rfc/rfc3546.txt>\r\n\r\n[8] RFC 2818: "HTTP Over TLS" (HTTPS)\r\n <http://www.ietf.org/rfc/rfc2818.txt>\r\n\r\n[9] Mozilla bugtracker\r\n #159483: "cert name matching: RFC 2818 vs. backwards compatibility"\r\n <https://bugzilla.mozilla.org/show_bug.cgi?id=159483>\r\n\r\n #238142: "server mismatch dialog doesn't show subject alt names"\r\n <https://bugzilla.mozilla.org/show_bug.cgi?id=238142> (not public)\r\n\r\n #240261: "peer-trusted certs can use alt names to spoof"\r\n <https://bugzilla.mozilla.org/show_bug.cgi?id=240261>\r\n\r\n #327181: "Improve error reporting for invalid-certificate errors"\r\n <https://bugzilla.mozilla.org/show_bug.cgi?id=327181> (#28, #51, #72)\r\n\r\n #402347: "Not binding X.509 certificate to originating domain name allows\r\n certificate spoofing" (dupe of #240261, but public)\r\n <https://bugzilla.mozilla.org/show_bug.cgi?id=402347>\r\n\r\n * Peter Gutmann: "X.509 Style Guide"\r\n <http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt>\r\n Peter Gutmann: "Security Usability Fundamentals"\r\n <http://www.cs.auckland.ac.nz/~pgut001/pubs/usability.pdf>\r\n\r\n * Geotrust: "Vulnerability of First-Generation Digital Certificates [...]"\r\n <http://www.antiphishing.org/sponsors_technical_papers/SSLVulnerabilityWPcds.pdf>\r\n\r\n * subjectAltName test site <http://test.eonis.net/> \r\n\r\n\r\n ToDo\r\n======\r\n\r\n * Translate into proper English\r\n * Test more browsers (Camino) and other TLS clients like MUAs\r\n * Check MSIE for reg-hacks to alter cert handling\r\n * Actually read the referenced sources ;)\r\n * Find a braindead major-browser-accredited CA which signs my certificate \r\n request with hidden TLD-wildcard subjectAltName. Take over the internet.\r\n\r\n\r\n License\r\n=========\r\n\r\nThis document is dual licenced under the Creative Commons licenses BY-ND 3.0\r\nand BY-NC-SA 3.0, so you may distribute it unaltered. For noncommercial \r\npurposes you may do anything you want unless you credit me and keep the \r\nBY-NC-SA license. See\r\n\r\n <http://creativecommons.org/licenses/by-nd/3.0/>\r\n <http://creativecommons.org/licenses/by-nc-sa/3.0/>\r\n\r\n\r\n About me\r\n==========\r\n\r\nMy name is Nils, and i am yet another paranoid network admin. Contact:\r\n\r\n <subjectAltName-mail@nils.toedtmann.net> \r\n $ whois toedtmann.net | grep owner-c\r\n\r\n\r\n Credits\r\n=========\r\n\r\n * Testing: Joerg Baach, Oliver Regehr, Uli Groene, Ingo Luetkebohle, \r\n Oliver Schonefeld, Marcus Grieger\r\n * Hosting: Fargonauten <http://fargonauten.de/> Marcant <http://marcant.net/>\r\n * Wordproc: Vim <http://www.vim.org/>, Aspell, LEO <http://dict.leo.org/>\r\n * Birthing: Mami\r\n\r\n\r\n123456789|123456789|123456789|123456789|123456789|123456789|123456789|123456789\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niD8DBQFHQFtVWSNYFlGcTrMRAuinAJ4zinO74OeoEhGnRU9TAOsZXgSmxQCfb3wr\r\nOb8/FNQThEHekHFjhdne9N8=\r\n=3jmj\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2007-11-19T00:00:00", "published": "2007-11-19T00:00:00", "id": "SECURITYVULNS:DOC:18452", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18452", "title": "ertificate spoofing with subjectAltName and domain name wildcards", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
