DATABASE RESOURCES PRICING ABOUT US

{"id": "RHSA-2010:0975", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2010:0975) Important: bind security update", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG\nrecords when adding an NCACHE record for the same entry to the cache. A\nremote attacker allowed to send recursive DNS queries to named could use\nthis flaw to crash named. (CVE-2010-3613)\n\nIt was discovered that, in certain cases, named did not properly perform\nDNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\nalgorithm rollover. This flaw could cause the validator to incorrectly\ndetermine that the zone is insecure and not protected by DNSSEC.\n(CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "published": "2010-12-13T00:00:00", "modified": "2018-06-06T16:24:17", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://access.redhat.com/errata/RHSA-2010:0975", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "immutableFields": [], "lastseen": "2021-10-19T18:37:13", "viewCount": 6, "enchantments": {"score": {"value": 2.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2010:0976", "CESA-2010:1000"]}, {"type": "cert", "idList": ["VU:510208", "VU:706148", "VU:837744"]}, {"type": "cisa", "idList": ["CISA:F3AC94C11AFBF638C4776B43B99CA3A4"]}, {"type": "cve", "idList": ["CVE-2010-3613", "CVE-2010-3614"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2130-1:300E3"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-3613", "DEBIANCVE:CVE-2010-3614"]}, {"type": "f5", "idList": ["F5:K12567", "F5:K12851", "SOL12567", "SOL12851"]}, {"type": "fedora", "idList": ["FEDORA:08D0C110B45", "FEDORA:0CF50110BC2", "FEDORA:10088110CDD", "FEDORA:3AA15110C70"]}, {"type": "gentoo", "idList": ["GLSA-201206-01"]}, {"type": "nessus", "idList": ["5718.PRM", "AIX_IV01118.NASL", "AIX_IV01119.NASL", "AIX_IZ99391.NASL", "BIND9_972_P3.NASL", "CENTOS_RHSA-2010-0976.NASL", "CENTOS_RHSA-2010-1000.NASL", "DEBIAN_DSA-2130.NASL", "FEDORA_2010-18469.NASL", "FEDORA_2010-18521.NASL", "GENTOO_GLSA-201206-01.NASL", "MACOSX_SECUPD2011-006.NASL", "MANDRIVA_MDVSA-2010-253.NASL", "ORACLELINUX_ELSA-2010-0975.NASL", "ORACLELINUX_ELSA-2010-0976.NASL", "ORACLELINUX_ELSA-2010-1000.NASL", "REDHAT-RHSA-2010-0975.NASL", "REDHAT-RHSA-2010-0976.NASL", "REDHAT-RHSA-2010-1000.NASL", "SLACKWARE_SSA_2010-350-01.NASL", "SL_20101213_BIND_ON_SL5_X.NASL", "SL_20101220_BIND_ON_SL4_X.NASL", "SUSE_11_2_BIND-101207.NASL", "SUSE_11_3_BIND-101207.NASL", "UBUNTU_USN-1025-1.NASL", "VMWARE_VMSA-2011-0004.NASL", "VMWARE_VMSA-2011-0004_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103453", "OPENVAS:1361412562310103030", "OPENVAS:1361412562310103453", "OPENVAS:1361412562310122263", "OPENVAS:1361412562310122288", "OPENVAS:136141256231068667", "OPENVAS:136141256231071545", "OPENVAS:1361412562310802336", "OPENVAS:1361412562310831289", "OPENVAS:1361412562310835255", "OPENVAS:1361412562310840545", "OPENVAS:1361412562310862707", "OPENVAS:1361412562310862710", "OPENVAS:1361412562310862711", "OPENVAS:1361412562310862712", "OPENVAS:1361412562310870371", "OPENVAS:1361412562310870373", "OPENVAS:1361412562310880465", "OPENVAS:1361412562310880627", "OPENVAS:1361412562310881421", "OPENVAS:68667", "OPENVAS:71545", "OPENVAS:802336", "OPENVAS:831289", "OPENVAS:835255", "OPENVAS:840545", "OPENVAS:862707", "OPENVAS:862710", "OPENVAS:862711", "OPENVAS:862712", "OPENVAS:870371", "OPENVAS:870373", "OPENVAS:880465", "OPENVAS:880627", "OPENVAS:881421"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0975", "ELSA-2010-0976", "ELSA-2010-1000"]}, {"type": "osv", "idList": ["OSV:DSA-2130-1"]}, {"type": "redhat", "idList": ["RHSA-2010:0976", "RHSA-2010:1000"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25246", "SECURITYVULNS:DOC:25898", "SECURITYVULNS:DOC:27155", "SECURITYVULNS:VULN:11279", "SECURITYVULNS:VULN:11973"]}, {"type": "slackware", "idList": ["SSA-2010-350-01"]}, {"type": "ubuntu", "idList": ["USN-1025-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3613", "UB:CVE-2010-3614"]}, {"type": "veracode", "idList": ["VERACODE:24279", "VERACODE:24280"]}, {"type": "vmware", "idList": ["VMSA-2011-0004", "VMSA-2011-0004.3"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2010:0976", "CESA-2010:1000"]}, {"type": "cert", "idList": ["VU:510208"]}, {"type": "cisa", "idList": ["CISA:F3AC94C11AFBF638C4776B43B99CA3A4"]}, {"type": "cve", "idList": ["CVE-2010-3613", "CVE-2010-3614"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-3613"]}, {"type": "f5", "idList": ["SOL12567", "SOL12851"]}, {"type": "fedora", "idList": ["FEDORA:08D0C110B45"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/IBM-AIX-CVE-2010-3613/"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2010-0976.NASL", "SL_20101213_BIND_ON_SL5_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103453", "OPENVAS:881421"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0975", "ELSA-2010-0976"]}, {"type": "redhat", "idList": ["RHSA-2010:0976"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27155"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3613"]}]}, "exploitation": null, "vulnersScore": 2.4}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-sdb-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind-sdb"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-libs-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind-libs"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-libs-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind-libs"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-devel-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-devel-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-utils-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind-utils"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-chroot-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind-chroot"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-chroot-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind-chroot"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-devel-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-devel-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "src", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-9.7.0-5.P2.el6_0.1.src.rpm", "operator": "lt", "packageName": "bind"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-libs-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind-libs"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-debuginfo-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-debuginfo-9.7.0-5.P2.el6_0.1.s390.rpm", "operator": "lt", "packageName": "bind-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-libs-9.7.0-5.P2.el6_0.1.ppc.rpm", "operator": "lt", "packageName": "bind-libs"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-debuginfo-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-libs-9.7.0-5.P2.el6_0.1.s390.rpm", "operator": "lt", "packageName": "bind-libs"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-sdb-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind-sdb"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-debuginfo-9.7.0-5.P2.el6_0.1.ppc.rpm", "operator": "lt", "packageName": "bind-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-debuginfo-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-sdb-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind-sdb"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-utils-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind-utils"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-sdb-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind-sdb"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-libs-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind-libs"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-chroot-9.7.0-5.P2.el6_0.1.s390x.rpm", "operator": "lt", "packageName": "bind-chroot"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-utils-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind-utils"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-debuginfo-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind-debuginfo"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-devel-9.7.0-5.P2.el6_0.1.s390.rpm", "operator": "lt", "packageName": "bind-devel"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-9.7.0-5.P2.el6_0.1.i686.rpm", "operator": "lt", "packageName": "bind"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-utils-9.7.0-5.P2.el6_0.1.x86_64.rpm", "operator": "lt", "packageName": "bind-utils"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-chroot-9.7.0-5.P2.el6_0.1.ppc64.rpm", "operator": "lt", "packageName": "bind-chroot"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc", "packageVersion": "9.7.0-5.P2.el6_0.1", "packageFilename": "bind-devel-9.7.0-5.P2.el6_0.1.ppc.rpm", "operator": "lt", "packageName": "bind-devel"}], "vendorCvss": {"severity": "important"}, "_state": {"dependencies": 1660004461, "score": 1660010187}, "_internal": {"score_hash": "ebe8fbb1113e09944f1e6acb27d9be60"}}

{"nessus": [{"lastseen": "2023-01-11T14:50:38", "description": "From Red Hat Security Advisory 2010:0975 :\n\nUpdated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nIt was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : bind (ELSA-2010-0975)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind-utils", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2010-0975.NASL", "href": "https://www.tenable.com/plugins/nessus/68161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0975 and \n# Oracle Linux Security Advisory ELSA-2010-0975 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68161);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"RHSA\", value:\"2010:0975\");\n\n script_name(english:\"Oracle Linux 6 : bind (ELSA-2010-0975)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0975 :\n\nUpdated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached\nRRSIG records when adding an NCACHE record for the same entry to the\ncache. A remote attacker allowed to send recursive DNS queries to\nnamed could use this flaw to crash named. (CVE-2010-3613)\n\nIt was discovered that, in certain cases, named did not properly\nperform DNSSEC validation of an NS RRset for zones in the middle of a\nDNSKEY algorithm rollover. This flaw could cause the validator to\nincorrectly determine that the zone is insecure and not protected by\nDNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001851.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"bind-9.7.0-5.P2.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-chroot-9.7.0-5.P2.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-devel-9.7.0-5.P2.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-libs-9.7.0-5.P2.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-sdb-9.7.0-5.P2.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-utils-9.7.0-5.P2.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:29:38", "description": "Adding certain types of signed negative responses to cache doesn't clear any matching RRSIG records already in cache. A subsequent lookup of the cached data can cause named to crash (CVE-2010-3613).\n\nbind did not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover (CVE-2010-3614).", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-SU-2010:1031-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-utils", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_BIND-101207.NASL", "href": "https://www.tenable.com/plugins/nessus/53698", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-3662.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53698);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2010:1031-1)\");\n script_summary(english:\"Check for the bind-3662 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adding certain types of signed negative responses to cache doesn't\nclear any matching RRSIG records already in cache. A subsequent lookup\nof the cached data can cause named to crash (CVE-2010-3613).\n\nbind did not properly determine the security status of an NS RRset\nduring a DNSKEY algorithm rollover, which might allow remote attackers\nto cause a denial of service (DNSSEC validation error) by triggering a\nrollover (CVE-2010-3614).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=657102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=657129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00018.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-9.6.1P3-1.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-chrootenv-9.6.1P3-1.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-devel-9.6.1P3-1.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-libs-9.6.1P3-1.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bind-utils-9.6.1P3-1.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.6.1P3-1.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chrootenv / bind-devel / bind-libs / bind-libs-32bit / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:52", "description": "Updated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nIt was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2010-12-14T00:00:00", "type": "nessus", "title": "RHEL 6 : bind (RHSA-2010:0975)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-debuginfo", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2010-0975.NASL", "href": "https://www.tenable.com/plugins/nessus/51153", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0975. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51153);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"RHSA\", value:\"2010:0975\");\n\n script_name(english:\"RHEL 6 : bind (RHSA-2010:0975)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached\nRRSIG records when adding an NCACHE record for the same entry to the\ncache. A remote attacker allowed to send recursive DNS queries to\nnamed could use this flaw to crash named. (CVE-2010-3613)\n\nIt was discovered that, in certain cases, named did not properly\nperform DNSSEC validation of an NS RRset for zones in the middle of a\nDNSKEY algorithm rollover. This flaw could cause the validator to\nincorrectly determine that the zone is insecure and not protected by\nDNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0975\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0975\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-chroot-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-chroot-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-chroot-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-debuginfo-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-devel-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"bind-libs-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-sdb-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-sdb-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-sdb-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"bind-utils-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"bind-utils-9.7.0-5.P2.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"bind-utils-9.7.0-5.P2.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:40:41", "description": "The security status of an NS RRset is not properly determined during a DNSKEY algorithm rollover which can allow a remote attacker to cause a denial of service.\n\nSigned negative responses and corresponding RRSIG records in the cache are not properly handled which can allow a remote attacker to cause a denial of service.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 0 : bind9 (IV01119)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV01119.NASL", "href": "https://www.tenable.com/plugins/nessus/63696", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind9_advisory2.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63696);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n\n script_name(english:\"AIX 7.1 TL 0 : bind9 (IV01119)\");\n script_summary(english:\"Check for APAR IV01119\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The security status of an NS RRset is not properly determined during a\nDNSKEY algorithm rollover which can allow a remote attacker to cause a\ndenial of service.\n\nSigned negative responses and corresponding RRSIG records in the cache\nare not properly handled which can allow a remote attacker to cause a\ndenial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind9_advisory2.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"00\", patch:\"IV01119s03\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.0.15\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"00\", patch:\"IV01119s03\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.0.15\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:38:49", "description": "The security status of an NS RRset is not properly determined during a DNSKEY algorithm rollover which can allow a remote attacker to cause a denial of service.\n\nSigned negative responses and corresponding RRSIG records in the cache are not properly handled which can allow a remote attacker to cause a denial of service.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "AIX 6.1 TL 4 : bind9 (IV01118)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_IV01118.NASL", "href": "https://www.tenable.com/plugins/nessus/63695", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind9_advisory2.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63695);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n\n script_name(english:\"AIX 6.1 TL 4 : bind9 (IV01118)\");\n script_summary(english:\"Check for APAR IV01118\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The security status of an NS RRset is not properly determined during a\nDNSKEY algorithm rollover which can allow a remote attacker to cause a\ndenial of service.\n\nSigned negative responses and corresponding RRSIG records in the cache\nare not properly handled which can allow a remote attacker to cause a\ndenial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind9_advisory2.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"6.1\", ml:\"04\", patch:\"IV01118s00\", package:\"bos.net.tcp.client\", minfilesetver:\"6.1.4.0\", maxfilesetver:\"6.1.4.10\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"04\", patch:\"IV01118s00\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.4.0\", maxfilesetver:\"6.1.4.8\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"05\", patch:\"IV01118s00\", package:\"bos.net.tcp.client\", minfilesetver:\"6.1.5.0\", maxfilesetver:\"6.1.5.6\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"05\", patch:\"IV01118s00\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.5.0\", maxfilesetver:\"6.1.5.5\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"06\", patch:\"IV01118s00\", package:\"bos.net.tcp.client\", minfilesetver:\"6.1.6.0\", maxfilesetver:\"6.1.6.15\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"06\", patch:\"IV01118s00\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.6.0\", maxfilesetver:\"6.1.6.15\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:37:45", "description": "The security status of an NS RRset is not properly determined during a DNSKEY algorithm rollover which can allow a remote attacker to cause a denial of service.\n\nSigned negative responses and corresponding RRSIG records in the cache are not properly handled which can allow a remote attacker to cause a denial of service.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "AIX 5.3 TL 12 : bind9 (IZ99391)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:5.3"], "id": "AIX_IZ99391.NASL", "href": "https://www.tenable.com/plugins/nessus/63827", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind9_advisory2.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63827);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n\n script_name(english:\"AIX 5.3 TL 12 : bind9 (IZ99391)\");\n script_summary(english:\"Check for APAR IZ99391\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The security status of an NS RRset is not properly determined during a\nDNSKEY algorithm rollover which can allow a remote attacker to cause a\ndenial of service.\n\nSigned negative responses and corresponding RRSIG records in the cache\nare not properly handled which can allow a remote attacker to cause a\ndenial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind9_advisory2.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"5.3\", ml:\"12\", patch:\"IZ99391s00\", package:\"bos.net.tcp.client\", minfilesetver:\"5.3.12.0\", maxfilesetver:\"5.3.12.4\") < 0) flag++;\nif (aix_check_ifix(release:\"5.3\", ml:\"12\", patch:\"IZ99391s00\", package:\"bos.net.tcp.server\", minfilesetver:\"5.3.12.0\", maxfilesetver:\"5.3.12.2\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:25:57", "description": "It was discovered that Bind would incorrectly allow a ncache entry and a rrsig for the same type. A remote attacker could exploit this to cause Bind to crash, resulting in a denial of service. (CVE-2010-3613)\n\nIt was discovered that Bind would incorrectly mark zone data as insecure when the zone is undergoing a key algorithm rollover.\n(CVE-2010-3614).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : bind9 vulnerabilities (USN-1025-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:bind9", "p-cpe:/a:canonical:ubuntu_linux:bind9-doc", "p-cpe:/a:canonical:ubuntu_linux:bind9-host", "p-cpe:/a:canonical:ubuntu_linux:bind9utils", "p-cpe:/a:canonical:ubuntu_linux:dnsutils", "p-cpe:/a:canonical:ubuntu_linux:host", "p-cpe:/a:canonical:ubuntu_linux:libbind-dev", "p-cpe:/a:canonical:ubuntu_linux:libbind9-0", "p-cpe:/a:canonical:ubuntu_linux:libbind9-30", "p-cpe:/a:canonical:ubuntu_linux:libbind9-50", "p-cpe:/a:canonical:ubuntu_linux:libbind9-60", "p-cpe:/a:canonical:ubuntu_linux:libdns21", "p-cpe:/a:canonical:ubuntu_linux:libdns23", "p-cpe:/a:canonical:ubuntu_linux:libdns35", "p-cpe:/a:canonical:ubuntu_linux:libdns36", "p-cpe:/a:canonical:ubuntu_linux:libdns50", "p-cpe:/a:canonical:ubuntu_linux:libdns53", "p-cpe:/a:canonical:ubuntu_linux:libdns64", "p-cpe:/a:canonical:ubuntu_linux:libdns66", "p-cpe:/a:canonical:ubuntu_linux:libisc11", "p-cpe:/a:canonical:ubuntu_linux:libisc35", "p-cpe:/a:canonical:ubuntu_linux:libisc50", "p-cpe:/a:canonical:ubuntu_linux:libisc60", "p-cpe:/a:canonical:ubuntu_linux:libisccc0", "p-cpe:/a:canonical:ubuntu_linux:libisccc30", "p-cpe:/a:canonical:ubuntu_linux:libisccc50", "p-cpe:/a:canonical:ubuntu_linux:libisccc60", "p-cpe:/a:canonical:ubuntu_linux:libisccfg1", "p-cpe:/a:canonical:ubuntu_linux:libisccfg30", "p-cpe:/a:canonical:ubuntu_linux:libisccfg50", "p-cpe:/a:canonical:ubuntu_linux:libisccfg60", "p-cpe:/a:canonical:ubuntu_linux:liblwres30", "p-cpe:/a:canonical:ubuntu_linux:liblwres50", "p-cpe:/a:canonical:ubuntu_linux:liblwres60", "p-cpe:/a:canonical:ubuntu_linux:liblwres9", "p-cpe:/a:canonical:ubuntu_linux:lwresd", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-1025-1.NASL", "href": "https://www.tenable.com/plugins/nessus/50970", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1025-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50970);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"USN\", value:\"1025-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : bind9 vulnerabilities (USN-1025-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Bind would incorrectly allow a ncache entry and\na rrsig for the same type. A remote attacker could exploit this to\ncause Bind to crash, resulting in a denial of service. (CVE-2010-3613)\n\nIt was discovered that Bind would incorrectly mark zone data as\ninsecure when the zone is undergoing a key algorithm rollover.\n(CVE-2010-3614).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1025-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbind9-60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdns66\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisc60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccc60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libisccfg60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres50\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblwres9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9-doc\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"bind9-host\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dnsutils\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libbind-dev\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libbind9-0\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libdns21\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libdns23\", pkgver:\"1:9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisc11\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisccc0\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libisccfg1\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"liblwres9\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"lwresd\", pkgver:\"9.3.2-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"bind9\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"bind9-doc\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"bind9-host\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dnsutils\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libbind-dev\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libbind9-30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libdns35\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libdns36\", pkgver:\"1:9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libisc35\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libisccc30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libisccfg30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"liblwres30\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"lwresd\", pkgver:\"9.4.2.dfsg.P2-2ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9-doc\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9-host\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"bind9utils\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dnsutils\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libbind-dev\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libbind9-50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libdns50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libdns53\", pkgver:\"1:9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libisc50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libisccc50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libisccfg50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"liblwres50\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"lwresd\", pkgver:\"9.6.1.dfsg.P1-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"bind9\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"bind9-doc\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"bind9-host\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"bind9utils\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"dnsutils\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libbind-dev\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libbind9-60\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libdns64\", pkgver:\"1:9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libisc60\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libisccc60\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libisccfg60\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"liblwres60\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"lwresd\", pkgver:\"9.7.0.dfsg.P1-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"bind9\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"bind9-doc\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"bind9-host\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"bind9utils\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"dnsutils\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"host\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libbind-dev\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libbind9-60\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libdns66\", pkgver:\"1:9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libisc60\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libisccc60\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libisccfg60\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"liblwres60\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"lwresd\", pkgver:\"9.7.1.dfsg.P2-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind9 / bind9-doc / bind9-host / bind9utils / dnsutils / host / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:17", "description": "Update to 9.7.2-P3 release which contains various security fixes.\n\nThis update also provides bind-dyndb-ldap and dnsperf packages rebuild against updated bind.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-12-08T00:00:00", "type": "nessus", "title": "Fedora 13 : bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13 / bind-9.7.2-1.P3.fc13 / etc (2010-18521)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap", "p-cpe:/a:fedoraproject:fedora:dnsperf", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-18521.NASL", "href": "https://www.tenable.com/plugins/nessus/51067", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18521.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51067);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"FEDORA\", value:\"2010-18521\");\n\n script_name(english:\"Fedora 13 : bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13 / bind-9.7.2-1.P3.fc13 / etc (2010-18521)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 9.7.2-P3 release which contains various security fixes.\n\nThis update also provides bind-dyndb-ldap and dnsperf packages rebuild\nagainst updated bind.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=658974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=658977\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a15fcfbe\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051911.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de848142\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051914.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18060269\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind, bind-dyndb-ldap and / or dnsperf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsperf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"bind-9.7.2-1.P3.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"dnsperf-1.0.1.0-19.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-dyndb-ldap / dnsperf\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-18T14:32:02", "description": "Adding certain types of signed negative responses to cache doesn't clear any matching RRSIG records already in cache. A subsequent lookup of the cached data can cause named to crash (CVE-2010-3613).\n\nbind did not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover (CVE-2010-3614).", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bind (openSUSE-SU-2010:1031-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bind", "p-cpe:/a:novell:opensuse:bind-chrootenv", "p-cpe:/a:novell:opensuse:bind-devel", "p-cpe:/a:novell:opensuse:bind-libs", "p-cpe:/a:novell:opensuse:bind-libs-32bit", "p-cpe:/a:novell:opensuse:bind-utils", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_BIND-101207.NASL", "href": "https://www.tenable.com/plugins/nessus/75437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bind-3662.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75437);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n\n script_name(english:\"openSUSE Security Update : bind (openSUSE-SU-2010:1031-1)\");\n script_summary(english:\"Check for the bind-3662 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adding certain types of signed negative responses to cache doesn't\nclear any matching RRSIG records already in cache. A subsequent lookup\nof the cached data can cause named to crash (CVE-2010-3613).\n\nbind did not properly determine the security status of an NS RRset\nduring a DNSKEY algorithm rollover, which might allow remote attackers\nto cause a denial of service (DNSSEC validation error) by triggering a\nrollover (CVE-2010-3614).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=657102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=657129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00018.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-9.7.1P2-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-chrootenv-9.7.1P2-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-devel-9.7.1P2-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-libs-9.7.1P2-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"bind-utils-9.7.1P2-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.7.1P2-0.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chrootenv / bind-devel / bind-libs / bind-libs-32bit / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:14", "description": "From Red Hat Security Advisory 2010:0976 :\n\nUpdated bind packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had multiple trust anchors configured for a zone, a response to a request for a record in that zone with a bad signature could cause named to crash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : bind (ELSA-2010-0976)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-libbind-devel", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:caching-nameserver", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0976.NASL", "href": "https://www.tenable.com/plugins/nessus/68162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0976 and \n# Oracle Linux Security Advisory ELSA-2010-0976 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68162);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"RHSA\", value:\"2010:0976\");\n\n script_name(english:\"Oracle Linux 5 : bind (ELSA-2010-0976)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0976 :\n\nUpdated bind packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached\nRRSIG records when adding an NCACHE record for the same entry to the\ncache. A remote attacker allowed to send recursive DNS queries to\nnamed could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had\nmultiple trust anchors configured for a zone, a response to a request\nfor a record in that zone with a bad signature could cause named to\ncrash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly\nperform DNSSEC validation of an NS RRset for zones in the middle of a\nDNSKEY algorithm rollover. This flaw could cause the validator to\nincorrectly determine that the zone is insecure and not protected by\nDNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-December/001770.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-chroot-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-libs-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-sdb-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind-utils-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"caching-nameserver-9.3.6-4.P1.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:30:15", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that could allow attackers to successfully query private DNS records, or cause a denial of service.", "cvss3": {}, "published": "2011-05-28T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2010-350-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2010-350-01.NASL", "href": "https://www.tenable.com/plugins/nessus/54895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2010-350-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54895);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\");\n script_bugtraq_id(45133, 45134, 45137);\n script_xref(name:\"SSA\", value:\"2010-350-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2010-350-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix\nsecurity issues that could allow attackers to successfully query\nprivate DNS records, or cause a denial of service.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c665b3fe\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4_ESV_R4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.7.2_P3\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.2_P3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:27:38", "description": "It was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had multiple trust anchors configured for a zone, a response to a request for a record in that zone with a bad signature could cause named to crash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC. (CVE-2010-3614)\n\nAfter installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : bind on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101213_BIND_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60920", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60920);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that named did not invalidate previously cached\nRRSIG records when adding an NCACHE record for the same entry to the\ncache. A remote attacker allowed to send recursive DNS queries to\nnamed could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had\nmultiple trust anchors configured for a zone, a response to a request\nfor a record in that zone with a bad signature could cause named to\ncrash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly\nperform DNSSEC validation of an NS RRset for zones in the middle of a\nDNSKEY algorithm rollover. This flaw could cause the validator to\nincorrectly determine that the zone is insecure and not protected by\nDNSSEC. (CVE-2010-3614)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=1313\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?40662ea9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-chroot-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libs-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-sdb-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-utils-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"caching-nameserver-9.3.6-4.P1.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:48", "description": "Multiple vulnerabilities were discovered and corrected in bind :\n\nnamed in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data (CVE-2010-3613).\n\nnamed in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover (CVE-2010-3614).\n\nISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query (CVE-2010-3762).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90\n\nThe updated packages for Corporate Server 4.0 has been patched to address these issues.\n\nThe updated packages for Mandriva Linux 2009.0, 2010.0 and Mandriva Linux Enterprise Server 5.1 has been upgraded to bind-9.6.2-P3 and patched to address the CVE-2010-3762 security issue.\n\nThe updated packages for Mandriva Linux 2010.1 has been upgraded to bind-9.7.2-P3 which is not vulnerable to these issues.", "cvss3": {}, "published": "2010-12-15T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : bind (MDVSA-2010:253)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:bind", "p-cpe:/a:mandriva:linux:bind-devel", "p-cpe:/a:mandriva:linux:bind-doc", "p-cpe:/a:mandriva:linux:bind-utils", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-253.NASL", "href": "https://www.tenable.com/plugins/nessus/51182", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:253. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51182);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_bugtraq_id(45133, 45137, 45385);\n script_xref(name:\"MDVSA\", value:\"2010:253\");\n\n script_name(english:\"Mandriva Linux Security Advisory : bind (MDVSA-2010:253)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and corrected in bind :\n\nnamed in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3,\nand 9.7.x before 9.7.2-P3 does not properly handle the combination of\nsigned negative responses and corresponding RRSIG records in the\ncache, which allows remote attackers to cause a denial of service\n(daemon crash) via a query for cached data (CVE-2010-3613).\n\nnamed in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV\nbefore 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly\ndetermine the security status of an NS RRset during a DNSKEY algorithm\nrollover, which might allow remote attackers to cause a denial of\nservice (DNSSEC validation error) by triggering a rollover\n(CVE-2010-3614).\n\nISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not\nproperly handle certain bad signatures if multiple trust anchors exist\nfor a single zone, which allows remote attackers to cause a denial of\nservice (daemon crash) via a DNS query (CVE-2010-3762).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nThe updated packages for Corporate Server 4.0 has been patched to\naddress these issues.\n\nThe updated packages for Mandriva Linux 2009.0, 2010.0 and Mandriva\nLinux Enterprise Server 5.1 has been upgraded to bind-9.6.2-P3 and\npatched to address the CVE-2010-3762 security issue.\n\nThe updated packages for Mandriva Linux 2010.1 has been upgraded to\nbind-9.7.2-P3 which is not vulnerable to these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-9.6.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-devel-9.6.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-doc-9.6.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"bind-utils-9.6.2-0.2mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-9.6.2-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-devel-9.6.2-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-doc-9.6.2-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"bind-utils-9.6.2-0.2mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-9.7.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-devel-9.7.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-doc-9.7.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"bind-utils-9.7.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:52", "description": "Updated bind packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had multiple trust anchors configured for a zone, a response to a request for a record in that zone with a bad signature could cause named to crash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2010-12-14T00:00:00", "type": "nessus", "title": "CentOS 5 : bind (CESA-2010:0976)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-chroot", "p-cpe:/a:centos:centos:bind-devel", "p-cpe:/a:centos:centos:bind-libbind-devel", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-sdb", "p-cpe:/a:centos:centos:bind-utils", "p-cpe:/a:centos:centos:caching-nameserver", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0976.NASL", "href": "https://www.tenable.com/plugins/nessus/51145", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0976 and \n# CentOS Errata and Security Advisory 2010:0976 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51145);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"RHSA\", value:\"2010:0976\");\n\n script_name(english:\"CentOS 5 : bind (CESA-2010:0976)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached\nRRSIG records when adding an NCACHE record for the same entry to the\ncache. A remote attacker allowed to send recursive DNS queries to\nnamed could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had\nmultiple trust anchors configured for a zone, a response to a request\nfor a record in that zone with a bad signature could cause named to\ncrash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly\nperform DNSSEC validation of an NS RRset for zones in the middle of a\nDNSKEY algorithm rollover. This flaw could cause the validator to\nincorrectly determine that the zone is insecure and not protected by\nDNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-December/017209.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49d1eca5\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-December/017210.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c80f3217\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-chroot-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-libs-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-sdb-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind-utils-9.3.6-4.P1.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"caching-nameserver-9.3.6-4.P1.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:24:33", "description": "The remote host is running BIND, and open source name server.\n\nVersions of BIND 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV < R3, and 9.7.x < 9.7.2-P3 are potentially affected by multiple vulnerabilities :\n\n - Failure to clear existing RRSIG records when a NO DATA is negatively cached could cause subsequent lookups to crash named. (CVE-2010-3613)\n\n - Named, when acting as a DNSSEC validating resolver, could incorrectly mark zone data as insecure when the zone being queried is undergoing a key algorithm rollover. (CVE-2010-3614)\n\n - Using 'allow-query' in the 'options' or 'view' statements to restrict access to authorize zones has no effect. (CVE-2010-3615)", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "nessus", "title": "ISC BIND 9.4-ESV < 9.4-ESV-R4 / 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3 / 9.7.x < 9.7.2-P3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*"], "id": "5718.PRM", "href": "https://www.tenable.com/plugins/nnm/5718", "sourceData": "Binary data 5718.prm", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:07", "description": "According to its self-reported version number, the remote installation of BIND is affected by multiple vulnerabilities :\n\n - Failure to clear existing RRSIG records when a NO DATA is negatively cached could cause subsequent lookups to crash named. (CVE-2010-3613)\n\n - Named, when acting as a DNSSEC validating resolver, could incorrectly mark zone data as insecure when the zone being queried is undergoing a key algorithm rollover. (CVE-2010-3614)\n\n - Using 'allow-query' in the 'options' or 'view' statements to restrict access to authoritative zones has no effect. (CVE-2010-3615)", "cvss3": {}, "published": "2010-12-03T00:00:00", "type": "nessus", "title": "ISC BIND 9 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3, 9.7.x < 9.7.2-P3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/a:isc:bind"], "id": "BIND9_972_P3.NASL", "href": "https://www.tenable.com/plugins/nessus/50976", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50976);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\");\n script_bugtraq_id(45133, 45134, 45137);\n script_xref(name:\"CERT\", value:\"510208\");\n script_xref(name:\"CERT\", value:\"706148\");\n script_xref(name:\"CERT\", value:\"837744\");\n\n script_name(english:\"ISC BIND 9 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3, 9.7.x < 9.7.2-P3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Bind9\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote name server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote installation\nof BIND is affected by multiple vulnerabilities :\n\n - Failure to clear existing RRSIG records when a NO DATA\n is negatively cached could cause subsequent lookups to\n crash named. (CVE-2010-3613)\n\n - Named, when acting as a DNSSEC validating resolver,\n could incorrectly mark zone data as insecure when the\n zone being queried is undergoing a key algorithm\n rollover. (CVE-2010-3614)\n\n - Using 'allow-query' in the 'options' or 'view'\n statements to restrict access to authoritative zones has\n no effect. (CVE-2010-3615)\");\n\n # ftp://ftp.isc.org/isc/bind9/9.4-ESV-R4/RELEASE-NOTES-BIND-9.4-ESV-R4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8ad86629\");\n script_set_attribute(attribute:\"see_also\", value:\"ftp://ftp.isc.org/isc/bind9/9.6.2-P3/RELEASE-NOTES-BIND-9.6.2-P3.html\");\n # ftp://ftp.isc.org/isc/bind9/9.6-ESV-R3/RELEASE-NOTES-BIND-9.6-ESV-R3.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a364472f\");\n script_set_attribute(attribute:\"see_also\", value:\"ftp://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.isc.org/software/bind/advisories/cve-2010-3613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.isc.org/software/bind/advisories/cve-2010-3614\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.isc.org/software/bind/advisories/cve-2010-3615\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to BIND 9.4-ESV-R4, 9.6.2-P3, 9.6-ESV-R3, 9.7.2-P3, or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"bind_version.nasl\");\n script_require_keys(\"bind/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nversion = get_kb_item_or_exit(\"bind/version\");\n\nif (\n version =~ '^9\\\\.[0-3]\\\\.' ||\n version =~ '^9\\\\.4-ESV($|-R[0-3]$)' ||\n version =~ '^9\\\\.5\\\\.' ||\n version =~ '^9\\\\.6\\\\.2($|-P[0-2]$)' ||\n version =~ '^9\\\\.6-ESV($|-R[0-2]$)' ||\n version =~ '^9\\\\.7\\\\.([01]($|[^0-9])|2([^0-9\\\\-]|$|-P[0-2]([^0-9]|$)))'\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Installed version : ' + version +\n '\\n Fixed version : 9.4-ESV-R4 / 9.6.2-P3 / 9.6-ESV-R3 / 9.7.2-P3\\n';\n security_warning(port:53, proto:\"udp\", extra:report);\n }\n else security_warning(port:53, proto:\"udp\");\n exit(0);\n}\nelse exit(0, 'Bind version ' + version + ' is running on port 53 and thus is not affected.');\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:17", "description": "Updated bind packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had multiple trust anchors configured for a zone, a response to a request for a record in that zone with a bad signature could cause named to crash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2010-12-14T00:00:00", "type": "nessus", "title": "RHEL 5 : bind (RHSA-2010:0976)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libbind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-sdb", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "p-cpe:/a:redhat:enterprise_linux:caching-nameserver", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0976.NASL", "href": "https://www.tenable.com/plugins/nessus/51154", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0976. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51154);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"RHSA\", value:\"2010:0976\");\n\n script_name(english:\"RHEL 5 : bind (RHSA-2010:0976)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached\nRRSIG records when adding an NCACHE record for the same entry to the\ncache. A remote attacker allowed to send recursive DNS queries to\nnamed could use this flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had\nmultiple trust anchors configured for a zone, a response to a request\nfor a record in that zone with a bad signature could cause named to\ncrash. (CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly\nperform DNSSEC validation of an NS RRset for zones in the middle of a\nDNSKEY algorithm rollover. This flaw could cause the validator to\nincorrectly determine that the zone is insecure and not protected by\nDNSSEC. (CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe update, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0976\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0976\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-chroot-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-chroot-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-chroot-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"bind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"bind-libbind-devel-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"bind-libs-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-sdb-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-sdb-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-sdb-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind-utils-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind-utils-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind-utils-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"caching-nameserver-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"caching-nameserver-9.3.6-4.P1.el5_5.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"caching-nameserver-9.3.6-4.P1.el5_5.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:26:35", "description": "Update to 9.7.2-P3 release which contains various security fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "nessus", "title": "Fedora 14 : bind-9.7.2-4.P3.fc14 (2010-18469)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2010-18469.NASL", "href": "https://www.tenable.com/plugins/nessus/51084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18469.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51084);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\");\n script_bugtraq_id(45133, 45134, 45137);\n script_xref(name:\"FEDORA\", value:\"2010-18469\");\n\n script_name(english:\"Fedora 14 : bind-9.7.2-4.P3.fc14 (2010-18469)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 9.7.2-P3 release which contains various security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=658974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=658977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=658982\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93e1ea69\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bind-9.7.2-4.P3.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T15:27:07", "description": "Several remote vulnerabilities have been discovered in BIND, an implementation of the DNS protocol suite. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2010-3762 When DNSSEC validation is enabled, BIND does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (server crash) via a DNS query.\n\n - CVE-2010-3614 BIND does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which may lead to zone unavailability during rollovers.\n\n - CVE-2010-3613 BIND does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (server crash) via a query for cached data.\n\nIn addition, this security update improves compatibility with previously installed versions of the bind9 package. As a result, it is necessary to initiate the update with 'apt-get dist-upgrade' instead of 'apt-get update'.", "cvss3": {}, "published": "2010-12-12T00:00:00", "type": "nessus", "title": "Debian DSA-2130-1 : bind9 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bind9", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2130.NASL", "href": "https://www.tenable.com/plugins/nessus/51127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2130. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51127);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_bugtraq_id(45133, 45137);\n script_xref(name:\"DSA\", value:\"2130\");\n\n script_name(english:\"Debian DSA-2130-1 : bind9 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in BIND, an\nimplementation of the DNS protocol suite. The Common Vulnerabilities\nand Exposures project identifies the following problems :\n\n - CVE-2010-3762\n When DNSSEC validation is enabled, BIND does not\n properly handle certain bad signatures if multiple trust\n anchors exist for a single zone, which allows remote\n attackers to cause a denial of service (server crash)\n via a DNS query.\n\n - CVE-2010-3614\n BIND does not properly determine the security status of\n an NS RRset during a DNSKEY algorithm rollover, which\n may lead to zone unavailability during rollovers.\n\n - CVE-2010-3613\n BIND does not properly handle the combination of signed\n negative responses and corresponding RRSIG records in\n the cache, which allows remote attackers to cause a\n denial of service (server crash) via a query for cached\n data.\n\nIn addition, this security update improves compatibility with\npreviously installed versions of the bind9 package. As a result, it is\nnecessary to initiate the update with 'apt-get dist-upgrade' instead\nof 'apt-get update'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2130\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bind9 packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R3+dfsg-0+lenny1.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1:9.7.2.dfsg.P3-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"bind9\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"bind9-doc\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"bind9-host\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"bind9utils\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dnsutils\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libbind-dev\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libbind9-50\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libdns58\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libisc50\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libisccc50\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libisccfg50\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"liblwres50\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"lwresd\", reference:\"1:9.6.ESV.R3+dfsg-0+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:16", "description": "From Red Hat Security Advisory 2010:1000 :\n\nUpdated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG records when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : bind (ELSA-2010-1000)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-utils", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2010-1000.NASL", "href": "https://www.tenable.com/plugins/nessus/68169", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:1000 and \n# Oracle Linux Security Advisory ELSA-2010-1000 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68169);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\");\n script_bugtraq_id(45133);\n script_xref(name:\"RHSA\", value:\"2010:1000\");\n\n script_name(english:\"Oracle Linux 4 : bind (ELSA-2010-1000)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:1000 :\n\nUpdated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG\nrecords when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could\nuse this flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-December/001779.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"bind-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"bind-chroot-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"bind-devel-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"bind-libs-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"bind-utils-9.2.4-30.el4_8.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-utils\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:20:26", "description": "Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG records when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2011-01-28T00:00:00", "type": "nessus", "title": "CentOS 4 : bind (CESA-2010:1000)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind", "p-cpe:/a:centos:centos:bind-chroot", "p-cpe:/a:centos:centos:bind-devel", "p-cpe:/a:centos:centos:bind-libs", "p-cpe:/a:centos:centos:bind-utils", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2010-1000.NASL", "href": "https://www.tenable.com/plugins/nessus/51783", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:1000 and \n# CentOS Errata and Security Advisory 2010:1000 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51783);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3613\");\n script_bugtraq_id(45133);\n script_xref(name:\"RHSA\", value:\"2010:1000\");\n\n script_name(english:\"CentOS 4 : bind (CESA-2010:1000)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG\nrecords when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could\nuse this flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017239.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d680b464\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017240.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ddb42004\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"bind-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"bind-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"bind-chroot-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"bind-chroot-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"bind-devel-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"bind-devel-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"bind-libs-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"bind-libs-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"bind-utils-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"bind-utils-9.2.4-30.el4_8.6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-utils\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:28:29", "description": "It was discovered that named did not invalidate previously cached SIG records when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nAfter installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : bind on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101220_BIND_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60924", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60924);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that named did not invalidate previously cached SIG\nrecords when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could\nuse this flaw to crash named. (CVE-2010-3613)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=1770\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61cf4990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"bind-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-chroot-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-devel-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-libs-9.2.4-30.el4_8.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"bind-utils-9.2.4-30.el4_8.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T15:26:12", "description": "Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG records when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.", "cvss3": {}, "published": "2010-12-21T00:00:00", "type": "nessus", "title": "RHEL 4 : bind (RHSA-2010:1000)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind", "p-cpe:/a:redhat:enterprise_linux:bind-chroot", "p-cpe:/a:redhat:enterprise_linux:bind-devel", "p-cpe:/a:redhat:enterprise_linux:bind-libs", "p-cpe:/a:redhat:enterprise_linux:bind-utils", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2010-1000.NASL", "href": "https://www.tenable.com/plugins/nessus/51355", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:1000. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51355);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3613\");\n script_bugtraq_id(45133);\n script_xref(name:\"RHSA\", value:\"2010:1000\");\n\n script_name(english:\"RHEL 4 : bind (RHSA-2010:1000)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG\nrecords when adding an NCACHE record for the same entry to the cache.\nA remote attacker allowed to send recursive DNS queries to named could\nuse this flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:1000\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:1000\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"bind-9.2.4-30.el4_8.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-chroot-9.2.4-30.el4_8.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-devel-9.2.4-30.el4_8.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-libs-9.2.4-30.el4_8.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"bind-utils-9.2.4-30.el4_8.6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-utils\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:24:50", "description": "The remote host is affected by the vulnerability described in GLSA-201206-01 (BIND: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.\n Impact :\n\n The vulnerabilities allow remote attackers to cause a Denial of Service (daemon crash) via a DNS query, to bypass intended access restrictions, to incorrectly cache a ncache entry and a rrsig for the same type and to incorrectly mark zone data as insecure.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "nessus", "title": "GLSA-201206-01 : BIND: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615", "CVE-2010-3762", "CVE-2011-0414", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2465", "CVE-2011-4313"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:bind", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201206-01.NASL", "href": "https://www.tenable.com/plugins/nessus/59629", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201206-01.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59629);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\", \"CVE-2010-3762\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\", \"CVE-2011-4313\");\n script_xref(name:\"GLSA\", value:\"201206-01\");\n\n script_name(english:\"GLSA-201206-01 : BIND: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201206-01\n(BIND: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in BIND. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n The vulnerabilities allow remote attackers to cause a Denial of Service\n (daemon crash) via a DNS query, to bypass intended access restrictions,\n to incorrectly cache a ncache entry and a rrsig for the same type and to\n incorrectly mark zone data as insecure.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201206-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All bind users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1'\n NOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since December 22, 2011. It is likely that your system is\n already\n no longer affected by this issue.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-dns/bind\", unaffected:make_list(\"ge 9.7.4_p1\"), vulnerable:make_list(\"lt 9.7.4_p1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"BIND\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:25:59", "description": "a. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.\n\n VMware would like to thank Nicolas Gregoire and US CERT for reporting this issue to us.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-3609 to this issue.\n\nb. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3613, CVE-2010-3614, and CVE-2010-3762 to these issues.\n\nc. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3316, CVE-2010-3435, and CVE-2010-3853 to these issues.\n\nd. Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which resolves a security issue.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2059 to this issue.", "cvss3": {}, "published": "2011-03-08T00:00:00", "type": "nessus", "title": "VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199", "CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3609", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762", "CVE-2010-3853"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:4.0", "cpe:/o:vmware:esx:4.1", "cpe:/o:vmware:esxi:4.0", "cpe:/o:vmware:esxi:4.1"], "id": "VMWARE_VMSA-2011-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/52582", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2011-0004. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52582);\n script_version(\"1.35\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\", \"CVE-2010-3316\", \"CVE-2010-3435\", \"CVE-2010-3609\", \"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\", \"CVE-2010-3853\");\n script_bugtraq_id(40512, 42472, 43487, 44590, 45133, 45137, 45385, 46772);\n script_xref(name:\"VMSA\", value:\"2011-0004\");\n\n script_name(english:\"VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote VMware ESXi / ESX host is missing one or more\nsecurity-related patches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"a. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in\n the Service Location Protocol daemon (SLPD). Exploitation of this\n vulnerability could cause SLPD to consume significant CPU\n resources.\n\n VMware would like to thank Nicolas Gregoire and US CERT for\n reporting this issue to us.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-3609 to this issue.\n\nb. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version\n 9.3.6-4.P1.el5_5.3, which resolves multiple security issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-3613, CVE-2010-3614, and\n CVE-2010-3762 to these issues.\n\nc. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw,\n which resolves multiple security issues with PAM modules.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-3316, CVE-2010-3435, and\n CVE-2010-3853 to these issues.\n\nd. Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to\n 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1,\n which resolves a security issue.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-2059 to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2012/000159.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:4.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2011-03-07\");\nflag = 0;\n\n\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201103401-SG\",\n patch_updates : make_list(\"ESX400-201104401-SG\", \"ESX400-201110401-SG\", \"ESX400-201111201-SG\", \"ESX400-201203401-SG\", \"ESX400-201205401-SG\", \"ESX400-201206401-SG\", \"ESX400-201209401-SG\", \"ESX400-201302401-SG\", \"ESX400-201305401-SG\", \"ESX400-201310401-SG\", \"ESX400-201404401-SG\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201103404-SG\",\n patch_updates : make_list(\"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201103406-SG\",\n patch_updates : make_list(\"ESX400-201203405-SG\", \"ESX400-201209404-SG\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201103407-SG\",\n patch_updates : make_list(\"ESX400-201305403-SG\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESX 4.1\",\n patch : \"ESX410-201101201-SG\",\n patch_updates : make_list(\"ESX40-TO-ESX41UPDATE01\", \"ESX410-201104401-SG\", \"ESX410-201110201-SG\", \"ESX410-201201401-SG\", \"ESX410-201204401-SG\", \"ESX410-201205401-SG\", \"ESX410-201206401-SG\", \"ESX410-201208101-SG\", \"ESX410-201211401-SG\", \"ESX410-201301401-SG\", \"ESX410-201304401-SG\", \"ESX410-201307401-SG\", \"ESX410-201312401-SG\", \"ESX410-201404401-SG\", \"ESX410-Update01\", \"ESX410-Update02\", \"ESX410-Update03\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.1\",\n patch : \"ESX410-201104407-SG\",\n patch_updates : make_list(\"ESX410-201211402-SG\", \"ESX410-201301402-SG\", \"ESX410-Update02\", \"ESX410-Update03\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.1\",\n patch : \"ESX410-201110207-SG\",\n patch_updates : make_list(\"ESX410-Update02\", \"ESX410-Update03\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESXi 4.0\",\n patch : \"ESXi400-201103401-SG\",\n patch_updates : make_list(\"ESXi400-201104401-SG\", \"ESXi400-201110401-SG\", \"ESXi400-201203401-SG\", \"ESXi400-201205401-SG\", \"ESXi400-201206401-SG\", \"ESXi400-201209401-SG\", \"ESXi400-201302401-SG\", \"ESXi400-201305401-SG\", \"ESXi400-201310401-SG\", \"ESXi400-201404401-SG\", \"ESXi400-Update03\", \"ESXi400-Update04\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESXi 4.1\",\n patch : \"ESXi410-201101201-SG\",\n patch_updates : make_list(\"ESXi410-201104401-SG\", \"ESXi410-201110201-SG\", \"ESXi410-201201401-SG\", \"ESXi410-201204401-SG\", \"ESXi410-201205401-SG\", \"ESXi410-201206401-SG\", \"ESXi410-201208101-SG\", \"ESXi410-201211401-SG\", \"ESXi410-201301401-SG\", \"ESXi410-201304401-SG\", \"ESXi410-201307401-SG\", \"ESXi410-201312401-SG\", \"ESXi410-201404401-SG\", \"ESXi410-Update01\", \"ESXi410-Update02\", \"ESXi410-Update03\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:34:57", "description": "The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including arbitrary code execution vulnerabilities, in several third-party components and libraries :\n\n - bind\n - pam\n - popt\n - rpm\n - rpm-libs\n - rpm-python\n - Service Location Protocol daemon (SLPD)", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199", "CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3609", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762", "CVE-2010-3853"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx", "cpe:/o:vmware:esxi"], "id": "VMWARE_VMSA-2011-0004_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/89675", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89675);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2005-4889\",\n \"CVE-2010-2059\",\n \"CVE-2010-2199\",\n \"CVE-2010-3316\",\n \"CVE-2010-3435\",\n \"CVE-2010-3609\",\n \"CVE-2010-3613\",\n \"CVE-2010-3614\",\n \"CVE-2010-3762\",\n \"CVE-2010-3853\"\n );\n script_bugtraq_id(\n 40512,\n 42472,\n 43487,\n 44590,\n 45133,\n 45137,\n 45385,\n 46772\n );\n script_xref(name:\"VMSA\", value:\"2011-0004\");\n\n script_name(english:\"VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)\");\n script_summary(english:\"Checks the ESX / ESXi version and build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\narbitrary code execution vulnerabilities, in several third-party\ncomponents and libraries :\n\n - bind\n - pam\n - popt\n - rpm\n - rpm-libs\n - rpm-python\n - Service Location Protocol daemon (SLPD)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2011-0004\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.vmware.com/pipermail/security-announce/2012/000159.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX version 4.0 / 4.1 or ESXi version 4.0 / 4.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n \n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Misc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\nesx = '';\n\nif (\"ESX\" >!< rel)\n audit(AUDIT_OS_NOT, \"VMware ESX/ESXi\");\n\nextract = eregmatch(pattern:\"^(ESXi?) (\\d\\.\\d).*$\", string:ver);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_APP_VER, \"VMware ESX/ESXi\");\nelse\n{\n esx = extract[1];\n ver = extract[2];\n}\n\n# fixed build numbers are the same for ESX and ESXi\nfixes = make_array(\n \"4.0\", \"360236\",\n \"4.1\", \"381591\"\n );\n\nfix = FALSE;\nfix = fixes[ver];\n\n# get the build before checking the fix for the most complete audit trail\nextract = eregmatch(pattern:'^VMware ESXi?.* build-([0-9]+)$', string:rel);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_BUILD, \"VMware \" + esx, ver);\n\nbuild = int(extract[1]);\n\n# if there is no fix in the array, fix is FALSE\nif (!fix)\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + esx, ver, build);\n\nif (build < fix)\n{\n\n report = '\\n Version : ' + esx + \" \" + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fix +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\n exit(0);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + esx, ver, build);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:37:08", "description": "The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2011-10-13T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2011-006)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4022", "CVE-2010-0097", "CVE-2010-1157", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-2227", "CVE-2010-3436", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3718", "CVE-2010-4172", "CVE-2010-4645", "CVE-2011-0013", "CVE-2011-0185", "CVE-2011-0224", "CVE-2011-0229", "CVE-2011-0230", "CVE-2011-0231", "CVE-2011-0249", "CVE-2011-0250", "CVE-2011-0251", "CVE-2011-0252", "CVE-2011-0259", "CVE-2011-0411", "CVE-2011-0419", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0534", "CVE-2011-0707", "CVE-2011-0708", "CVE-2011-1092", "CVE-2011-1153", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1521", "CVE-2011-1755", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3192", "CVE-2011-3213", "CVE-2011-3214", "CVE-2011-3217", "CVE-2011-3218", "CVE-2011-3219", "CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223", "CVE-2011-3224", "CVE-2011-3228"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2011-006.NASL", "href": "https://www.tenable.com/plugins/nessus/56481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56481);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-4022\",\n \"CVE-2010-0097\",\n \"CVE-2010-1157\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2010-2227\",\n \"CVE-2010-3436\",\n \"CVE-2010-3613\",\n \"CVE-2010-3614\",\n \"CVE-2010-3718\",\n \"CVE-2010-4172\",\n \"CVE-2010-4645\",\n \"CVE-2011-0013\",\n \"CVE-2011-0185\",\n \"CVE-2011-0224\",\n \"CVE-2011-0229\",\n \"CVE-2011-0230\",\n \"CVE-2011-0231\",\n \"CVE-2011-0249\",\n \"CVE-2011-0250\",\n \"CVE-2011-0251\",\n \"CVE-2011-0252\",\n \"CVE-2011-0259\",\n \"CVE-2011-0411\",\n \"CVE-2011-0419\",\n \"CVE-2011-0420\",\n \"CVE-2011-0421\",\n \"CVE-2011-0534\",\n \"CVE-2011-0707\",\n \"CVE-2011-0708\",\n \"CVE-2011-1092\",\n \"CVE-2011-1153\",\n \"CVE-2011-1466\",\n \"CVE-2011-1467\",\n \"CVE-2011-1468\",\n \"CVE-2011-1469\",\n \"CVE-2011-1470\",\n \"CVE-2011-1471\",\n \"CVE-2011-1521\",\n \"CVE-2011-1755\",\n \"CVE-2011-1910\",\n \"CVE-2011-2464\",\n \"CVE-2011-2690\",\n \"CVE-2011-2691\",\n \"CVE-2011-2692\",\n \"CVE-2011-3192\",\n \"CVE-2011-3213\",\n \"CVE-2011-3214\",\n \"CVE-2011-3217\",\n \"CVE-2011-3218\",\n \"CVE-2011-3219\",\n \"CVE-2011-3220\",\n \"CVE-2011-3221\",\n \"CVE-2011-3222\",\n \"CVE-2011-3223\",\n \"CVE-2011-3224\",\n \"CVE-2011-3228\"\n );\n script_bugtraq_id(\n 37118,\n 37865,\n 39635,\n 40370,\n 40863,\n 41544,\n 44723,\n 45015,\n 45133,\n 45137,\n 45668,\n 46164,\n 46174,\n 46177,\n 46354,\n 46365,\n 46429,\n 46464,\n 46767,\n 46786,\n 46854,\n 46967,\n 46968,\n 46969,\n 46970,\n 46975,\n 46977,\n 48007,\n 48250,\n 48566,\n 48618,\n 48660,\n 49303,\n 50085,\n 50091,\n 50092,\n 50095,\n 50098,\n 50100,\n 50101,\n 50111,\n 50116,\n 50117,\n 50122,\n 50127,\n 50130,\n 50131,\n 50150 \n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2011-006)\");\n script_summary(english:\"Check for the presence of Security Update 2011-006\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6 that does not\nhave Security Update 2011-006 applied. This update contains numerous\nsecurity-related fixes for the following components :\n\n - Apache\n - Application Firewall\n - ATS\n - BIND\n - Certificate Trust Policy\n - CFNetwork\n - CoreFoundation\n - CoreMedia\n - File Systems\n - IOGraphics\n - iChat Server\n - Mailman\n - MediaKit\n - PHP\n - postfix\n - python\n - QuickTime\n - Tomcat\n - User Documentation\n - Web Server\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-295/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-303/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-136/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523931/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Oct/msg00003.html\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2011-006 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6([^0-9]|$)\", string:os)) \n{\n packages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2011\\.00[6-9]|201[2-9]\\.[0-9]+)(\\.snowleopard[0-9.]*)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2011-006 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running \"+os+\" and therefore is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-01-23T13:05:47", "description": "Check for the Version of bind-dyndb-ldap", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for bind-dyndb-ldap FEDORA-2010-18521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:1361412562310862711", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862711", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind-dyndb-ldap FEDORA-2010-18521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind-dyndb-ldap on Fedora 13\";\ntag_insight = \"This package provides an LDAP back-end plug-in for BIND. It features\n support for dynamic updates and internal caching, to lift the load\n off of your LDAP server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051911.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862711\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18521\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for bind-dyndb-ldap FEDORA-2010-18521\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind-dyndb-ldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind-dyndb-ldap\", rpm:\"bind-dyndb-ldap~0.1.0~0.10.a1.20091210git.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:18:17", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1025-1", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for bind9 vulnerabilities USN-1025-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840545", "href": "http://plugins.openvas.org/nasl.php?oid=840545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1025_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for bind9 vulnerabilities USN-1025-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Bind would incorrectly allow a ncache entry and a\n rrsig for the same type. A remote attacker could exploit this to cause\n Bind to crash, resulting in a denial of service. (CVE-2010-3613)\n\n It was discovered that Bind would incorrectly mark zone data as insecure\n when the zone is undergoing a key algorithm rollover. (CVE-2010-3614)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1025-1\";\ntag_affected = \"bind9 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1025-1/\");\n script_id(840545);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1025-1\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Ubuntu Update for bind9 vulnerabilities USN-1025-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns53\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-0\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns21\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns23\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc11\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc0\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg1\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres9\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns35\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns36\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc35\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns66\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"host\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:04:56", "description": "Check for the Version of dnsperf", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for dnsperf FEDORA-2010-18521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310862712", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862712", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dnsperf FEDORA-2010-18521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"dnsperf on Fedora 13\";\ntag_insight = \"This is dnsperf, a collection of DNS server performance testing tools.\n For more information, see the dnsperf(1) and resperf(1) man pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051914.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862712\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18521\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for dnsperf FEDORA-2010-18521\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dnsperf\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"dnsperf\", rpm:\"dnsperf~1.0.1.0~19.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:40", "description": "Check for the Version of bind-dyndb-ldap", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for bind-dyndb-ldap FEDORA-2010-18521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:862711", "href": "http://plugins.openvas.org/nasl.php?oid=862711", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind-dyndb-ldap FEDORA-2010-18521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind-dyndb-ldap on Fedora 13\";\ntag_insight = \"This package provides an LDAP back-end plug-in for BIND. It features\n support for dynamic updates and internal caching, to lift the load\n off of your LDAP server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051911.html\");\n script_id(862711);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18521\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for bind-dyndb-ldap FEDORA-2010-18521\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind-dyndb-ldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind-dyndb-ldap\", rpm:\"bind-dyndb-ldap~0.1.0~0.10.a1.20091210git.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:52", "description": "Check for the Version of dnsperf", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for dnsperf FEDORA-2010-18521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:862712", "href": "http://plugins.openvas.org/nasl.php?oid=862712", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dnsperf FEDORA-2010-18521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"dnsperf on Fedora 13\";\ntag_insight = \"This is dnsperf, a collection of DNS server performance testing tools.\n For more information, see the dnsperf(1) and resperf(1) man pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051914.html\");\n script_id(862712);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18521\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for dnsperf FEDORA-2010-18521\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dnsperf\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"dnsperf\", rpm:\"dnsperf~1.0.1.0~19.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-12-11T19:43:18", "description": "ISC BIND is prone to multiple Vulnerabilities.", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2019-12-10T00:00:00", "id": "OPENVAS:1361412562310103030", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103030", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:isc:bind\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103030\");\n script_version(\"2019-12-10T15:03:15+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-10 15:03:15 +0000 (Tue, 10 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 14:24:22 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_bugtraq_id(45133, 45137);\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"bind_version.nasl\");\n script_mandatory_keys(\"isc/bind/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/45133\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/45137\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/aa-00938\");\n script_xref(name:\"URL\", value:\"https://kb.isc.org/docs/aa-00936\");\n script_xref(name:\"URL\", value:\"http://support.avaya.com/css/P8/documents/100124923\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"ISC BIND is prone to multiple Vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"1. A remote denial-of-service vulnerability.\n\n An attacker can exploit this issue to cause the affected service to\n crash, denying service to legitimate users.\n\n 2. A security vulnerability that affects the integrity security property\n of the application.\");\n\n script_tag(name:\"affected\", value:\"BIND versions 9.6.2 to 9.6.2-P2, 9.6-ESV to 9.6-ESV-R2 and 9.7.0 to\n 9.7.2-P2 are vulnerable.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) ) exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version_in_range( version:version, test_version:\"9.6.2\", test_version2:\"9.6.2p1\" ) ||\n version_in_range( version:version, test_version:\"9.6.ESV\", test_version2:\"9.6.ESV.R1\" ) ||\n version_in_range( version:version, test_version:\"9.7\", test_version2:\"9.7.2p2\" ) ) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"See references.\" );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:37", "description": "Oracle Linux Local Security Checks ELSA-2010-0975", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0975", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122263", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122263", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0975.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122263\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:39 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0975\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0975 - bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0975\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0975.html\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.0~5.P2.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.7.0~5.P2.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.0~5.P2.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.7.0~5.P2.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.7.0~5.P2.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.0~5.P2.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-12-21T11:33:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1025-1", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for bind9 vulnerabilities USN-1025-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:1361412562310840545", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1025_1.nasl 8187 2017-12-20 07:30:09Z teissa $\n#\n# Ubuntu Update for bind9 vulnerabilities USN-1025-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Bind would incorrectly allow a ncache entry and a\n rrsig for the same type. A remote attacker could exploit this to cause\n Bind to crash, resulting in a denial of service. (CVE-2010-3613)\n\n It was discovered that Bind would incorrectly mark zone data as insecure\n when the zone is undergoing a key algorithm rollover. (CVE-2010-3614)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1025-1\";\ntag_affected = \"bind9 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1025-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840545\");\n script_version(\"$Revision: 8187 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 08:30:09 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1025-1\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Ubuntu Update for bind9 vulnerabilities USN-1025-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns53\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres50\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.6.1.dfsg.P1-3ubuntu0.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-0\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns21\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns23\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc11\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc0\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg1\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres9\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.3.2-2ubuntu1.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns64\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.7.0.dfsg.P1-1ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns35\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns36\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc35\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres30\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.4.2.dfsg.P2-2ubuntu0.6\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libdns66\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisc60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libisccfg60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"host\", ver:\"9.7.1.dfsg.P2-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:49", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2010:0976-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:1361412562310870371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2010:0976-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached RRSIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n \n A flaw was found in the DNSSEC validation code in named. If named had\n multiple trust anchors configured for a zone, a response to a request for a\n record in that zone with a bad signature could cause named to crash.\n (CVE-2010-3762)\n \n It was discovered that, in certain cases, named did not properly perform\n DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\n algorithm rollover. This flaw could cause the validator to incorrectly\n determine that the zone is insecure and not protected by DNSSEC.\n (CVE-2010-3614)\n \n All BIND users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\n\ntag_affected = \"bind on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-December/msg00025.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870371\");\n script_version(\"$Revision: 8266 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 08:28:32 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0976-01\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_name(\"RedHat Update for bind RHSA-2010:0976-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:38", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2010:253 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:831289", "href": "http://plugins.openvas.org/nasl.php?oid=831289", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2010:253 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in bind:\n\n named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3,\n and 9.7.x before 9.7.2-P3 does not properly handle the combination\n of signed negative responses and corresponding RRSIG records in the\n cache, which allows remote attackers to cause a denial of service\n (daemon crash) via a query for cached data (CVE-2010-3613).\n \n named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3,\n 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not\n properly determine the security status of an NS RRset during a DNSKEY\n algorithm rollover, which might allow remote attackers to cause a\n denial of service (DNSSEC validation error) by triggering a rollover\n (CVE-2010-3614).\n \n ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does\n not properly handle certain bad signatures if multiple trust anchors\n exist for a single zone, which allows remote attackers to cause a\n denial of service (daemon crash) via a DNS query (CVE-2010-3762).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages for Corporate Server 4.0 has been patched to\n address these issues.\n \n The updated packages for Mandriva Linux 2009.0, 2010.0 and Mandriva\n Linux Enterprise Server 5.1 has been upgraded to bind-9.6.2-P3 and\n patched to address the CVE-2010-3762 security issue.\n \n The updated packages for Mandriva Linux 2010.1 has been upgraded to\n bind-9.7.2-P3 which is not vulnerable to these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-12/msg00013.php\");\n script_id(831289);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:253\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_name(\"Mandriva Update for bind MDVSA-2010:253 (bind)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:04", "description": "Oracle Linux Local Security Checks ELSA-2010-0976", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122288", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122288", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0976.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122288\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0976\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0976 - bind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0976\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0976.html\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~4.P1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for bind CESA-2010:0976 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2010:0976 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-December/017209.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880627\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0976\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_name(\"CentOS Update for bind CESA-2010:0976 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"bind on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached RRSIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n\n A flaw was found in the DNSSEC validation code in named. If named had\n multiple trust anchors configured for a zone, a response to a request for a\n record in that zone with a bad signature could cause named to crash.\n (CVE-2010-3762)\n\n It was discovered that, in certain cases, named did not properly perform\n DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\n algorithm rollover. This flaw could cause the validator to incorrectly\n determine that the zone is insecure and not protected by DNSSEC.\n (CVE-2010-3614)\n\n All BIND users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n update, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-12-21T11:32:26", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2010-18469", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3615", "CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:862707", "href": "http://plugins.openvas.org/nasl.php?oid=862707", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2010-18469\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 14\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html\");\n script_id(862707);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18469\");\n script_cve_id(\"CVE-2010-3615\", \"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for bind FEDORA-2010-18469\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.2~4.P3.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:23", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Mandriva Update for bind MDVSA-2010:253 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310831289", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831289", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for bind MDVSA-2010:253 (bind)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in bind:\n\n named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3,\n and 9.7.x before 9.7.2-P3 does not properly handle the combination\n of signed negative responses and corresponding RRSIG records in the\n cache, which allows remote attackers to cause a denial of service\n (daemon crash) via a query for cached data (CVE-2010-3613).\n \n named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3,\n 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not\n properly determine the security status of an NS RRset during a DNSKEY\n algorithm rollover, which might allow remote attackers to cause a\n denial of service (DNSSEC validation error) by triggering a rollover\n (CVE-2010-3614).\n \n ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does\n not properly handle certain bad signatures if multiple trust anchors\n exist for a single zone, which allows remote attackers to cause a\n denial of service (daemon crash) via a DNS query (CVE-2010-3762).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages for Corporate Server 4.0 has been patched to\n address these issues.\n \n The updated packages for Mandriva Linux 2009.0, 2010.0 and Mandriva\n Linux Enterprise Server 5.1 has been upgraded to bind-9.6.2-P3 and\n patched to address the CVE-2010-3762 security issue.\n \n The updated packages for Mandriva Linux 2010.1 has been upgraded to\n bind-9.7.2-P3 which is not vulnerable to these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-12/msg00013.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831289\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:253\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_name(\"Mandriva Update for bind MDVSA-2010:253 (bind)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.7.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.6.2~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-20T13:18:37", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2010-18521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0213", "CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862710", "href": "http://plugins.openvas.org/nasl.php?oid=862710", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2010-18521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 13\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html\");\n script_id(862710);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18521\");\n script_cve_id(\"CVE-2010-0213\", \"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for bind FEDORA-2010-18521\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.2~1.P3.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:03", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-350-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-350-01 bind ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3615", "CVE-2010-3614", "CVE-2010-3613"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68667", "href": "http://plugins.openvas.org/nasl.php?oid=68667", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_350_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that\ncould allow attackers to successfully query private DNS records, or cause a\ndenial of service.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-350-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-350-01\";\n \nif(description)\n{\n script_id(68667);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2010-350-01 bind \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:45", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for bind CESA-2010:0976 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880627", "href": "http://plugins.openvas.org/nasl.php?oid=880627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2010:0976 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached RRSIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n \n A flaw was found in the DNSSEC validation code in named. If named had\n multiple trust anchors configured for a zone, a response to a request for a\n record in that zone with a bad signature could cause named to crash.\n (CVE-2010-3762)\n \n It was discovered that, in certain cases, named did not properly perform\n DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\n algorithm rollover. This flaw could cause the validator to incorrectly\n determine that the zone is insecure and not protected by DNSSEC.\n (CVE-2010-3614)\n \n All BIND users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-December/017209.html\");\n script_id(880627);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0976\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_name(\"CentOS Update for bind CESA-2010:0976 centos5 i386\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~4.P1.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-17T11:05:53", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2010-18521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0213", "CVE-2010-3614", "CVE-2010-3613"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310862710", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862710", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2010-18521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 13\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862710\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18521\");\n script_cve_id(\"CVE-2010-0213\", \"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for bind FEDORA-2010-18521\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.2~1.P3.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:04:35", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for bind FEDORA-2010-18469", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3615", "CVE-2010-3614", "CVE-2010-3613"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310862707", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862707", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2010-18469\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bind on Fedora 14\";\ntag_insight = \"BIND (Berkeley Internet Name Domain) is an implementation of the DNS\n (Domain Name System) protocols. BIND includes a DNS server (named),\n which resolves host names to IP addresses; a resolver library\n (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating properly.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862707\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18469\");\n script_cve_id(\"CVE-2010-3615\", \"CVE-2010-3613\", \"CVE-2010-3614\");\n script_name(\"Fedora Update for bind FEDORA-2010-18469\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.7.2~4.P3.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:57", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2010:0976-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:870371", "href": "http://plugins.openvas.org/nasl.php?oid=870371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2010:0976-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached RRSIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n \n A flaw was found in the DNSSEC validation code in named. If named had\n multiple trust anchors configured for a zone, a response to a request for a\n record in that zone with a bad signature could cause named to crash.\n (CVE-2010-3762)\n \n It was discovered that, in certain cases, named did not properly perform\n DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\n algorithm rollover. This flaw could cause the validator to incorrectly\n determine that the zone is insecure and not protected by DNSSEC.\n (CVE-2010-3614)\n \n All BIND users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\n\ntag_affected = \"bind on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-December/msg00025.html\");\n script_id(870371);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0976-01\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\");\n script_name(\"RedHat Update for bind RHSA-2010:0976-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~4.P1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-350-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-350-01 bind", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3615", "CVE-2010-3614", "CVE-2010-3613"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231068667", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068667", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_350_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68667\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2010-350-01 bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-350-01\");\n\n script_tag(name:\"insight\", value:\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that\ncould allow attackers to successfully query private DNS records, or cause a\ndenial of service.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2010-350-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R4-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-31T00:00:00", "type": "openvas", "title": "CentOS Update for bind CESA-2010:1000 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880465", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2010:1000 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017239.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880465\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2010:1000\");\n script_cve_id(\"CVE-2010-3613\");\n script_name(\"CentOS Update for bind CESA-2010:1000 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"bind on CentOS 4\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached SIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n\n All BIND users are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing the\n update, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:20", "description": "Check for the Version of BIND", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for BIND HPSBUX02655", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835255", "href": "http://plugins.openvas.org/nasl.php?oid=835255", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for BIND HPSBUX02655\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote\";\ntag_affected = \"BIND on\n HP-UX B.11.31 running BIND 9.3 prior to C.9.3.2.9.0 HP-UX B.11.11 and \n B.11.23 running BIND 9.3 prior to C.9.3.2.8.0\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX running \n BIND. This vulnerability could beexploited remotely to create a Denial of \n Service (DoS).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02783438\");\n script_id(835255);\n script_version(\"$Revision: 6582 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:11:56 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02655\");\n script_cve_id(\"CVE-2010-3613\");\n script_name(\"HP-UX Update for BIND HPSBUX02655\");\n\n script_summary(\"Check for the Version of BIND\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-AUX\", revision:\"C.9.3.2.9.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-RUN\", revision:\"C.9.3.2.9.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND2-UPGRADE\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:35", "description": "Check for the Version of bind", "cvss3": {}, "published": "2011-01-31T00:00:00", "type": "openvas", "title": "CentOS Update for bind CESA-2010:1000 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880465", "href": "http://plugins.openvas.org/nasl.php?oid=880465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2010:1000 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached SIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n \n All BIND users are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"bind on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017239.html\");\n script_id(880465);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2010:1000\");\n script_cve_id(\"CVE-2010-3613\");\n script_name(\"CentOS Update for bind CESA-2010:1000 centos4 i386\");\n\n script_summary(\"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:22", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2010:1000-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310870373", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2010:1000-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached SIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n \n All BIND users are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\n\ntag_affected = \"bind on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-December/msg00034.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870373\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:1000-01\");\n script_cve_id(\"CVE-2010-3613\");\n script_name(\"RedHat Update for bind RHSA-2010:1000-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:37", "description": "Check for the Version of bind", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "RedHat Update for bind RHSA-2010:1000-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:870373", "href": "http://plugins.openvas.org/nasl.php?oid=870373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2010:1000-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached SIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n \n All BIND users are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\n\ntag_affected = \"bind on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-December/msg00034.html\");\n script_id(870373);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:1000-01\");\n script_cve_id(\"CVE-2010-3613\");\n script_name(\"RedHat Update for bind RHSA-2010:1000-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~30.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:56:36", "description": "Check for the Version of bind", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for bind CESA-2010:1000 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:881421", "href": "http://plugins.openvas.org/nasl.php?oid=881421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2010:1000 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named); a resolver\n library (routines for applications to use when interfacing with DNS); and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached SIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n\n All BIND users are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing the\n update, the BIND daemon (named) will be restarted automatically.\";\n\ntag_affected = \"bind on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017240.html\");\n script_id(881421);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:50:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3613\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2010:1000\");\n script_name(\"CentOS Update for bind CESA-2010:1000 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for bind CESA-2010:1000 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2010:1000 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017240.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881421\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:50:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3613\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2010:1000\");\n script_name(\"CentOS Update for bind CESA-2010:1000 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"bind on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\n Name System (DNS) protocols. BIND includes a DNS server (named), a resolver\n library (routines for applications to use when interfacing with DNS), and\n tools for verifying that the DNS server is operating correctly.\n\n It was discovered that named did not invalidate previously cached SIG\n records when adding an NCACHE record for the same entry to the cache. A\n remote attacker allowed to send recursive DNS queries to named could use\n this flaw to crash named. (CVE-2010-3613)\n\n All BIND users are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue. After installing the\n update, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.2.4~30.el4_8.6\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the BIND package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for BIND HPSBUX02655", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2018-10-04T00:00:00", "id": "OPENVAS:1361412562310835255", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835255", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_ux_HPSBUX02655.nasl 11739 2018-10-04 07:49:31Z cfischer $\n#\n# HP-UX Update for BIND HPSBUX02655\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02783438\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835255\");\n script_version(\"$Revision: 11739 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-04 09:49:31 +0200 (Thu, 04 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name:\"HPSBUX\", value:\"02655\");\n script_cve_id(\"CVE-2010-3613\");\n script_name(\"HP-UX Update for BIND HPSBUX02655\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the BIND package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/hp_pkgrev\", re:\"ssh/login/release=HPUX(11\\.31|11\\.23|11\\.11)\");\n\n script_tag(name:\"impact\", value:\"Remote\");\n\n script_tag(name:\"affected\", value:\"BIND on HP-UX B.11.31 running BIND 9.3 prior to C.9.3.2.9.0 HP-UX B.11.11 and\n B.11.23 running BIND 9.3 prior to C.9.3.2.8.0\");\n\n script_tag(name:\"insight\", value:\"A potential security vulnerability has been identified with HP-UX running\n BIND. This vulnerability could beexploited remotely to create a Denial of\n Service (DoS).\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = hpux_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-AUX\", revision:\"C.9.3.2.9.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"NameService.BIND-RUN\", revision:\"C.9.3.2.9.0\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND2-UPGRADE\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"BindUpgrade.BIND-UPGRADE\", revision:\"C.9.3.2.8.0\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2017-10-30T10:48:45", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.\n\nSummary\n\nService Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates\nfor bind, pam, and rpm.\n\nRelevant releases\n\nVMware ESXi 4.1 without patch ESXi410-201101201-SG.\nVMware ESXi 4.0 without patch ESXi400-201103401-SG.\nVMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG.\nVMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG.\n\nProblem Description\n\na. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of\n this vulnerability could cause SLPD to consume significant CPU resources.\n\nb. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security\n issues.\n\nc. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\nd. Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which\n resolves a security issue.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3609", "CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762", "CVE-2010-3435", "CVE-2010-3853"], "modified": "2017-10-26T00:00:00", "id": "OPENVAS:103453", "href": "http://plugins.openvas.org/nasl.php?oid=103453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2011-0004.nasl 7583 2017-10-26 12:07:01Z cfischer $\n#\n# VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.\n\nSummary\n\nService Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates\nfor bind, pam, and rpm.\n\nRelevant releases\n\nVMware ESXi 4.1 without patch ESXi410-201101201-SG.\nVMware ESXi 4.0 without patch ESXi400-201103401-SG.\nVMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG.\nVMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG.\n\nProblem Description\n\na. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of\n this vulnerability could cause SLPD to consume significant CPU resources.\n\nb. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security\n issues.\n\nc. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\nd. Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which\n resolves a security issue.\";\n\ntag_solution = \"Apply the missing patch(es).\";\n\nif (description)\n{\n script_id(103453);\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\", \"CVE-2010-3316\", \"CVE-2010-3435\", \"CVE-2010-3853\", \"CVE-2010-2059\", \"CVE-2010-3609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 7583 $\");\n script_name(\"VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-26 14:07:01 +0200 (Thu, 26 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 10:51:14 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.vmware.com/security/advisories/VMSA-2011-0004.html\");\n exit(0);\n}\n\ninclude(\"version_func.inc\"); # Used in _esxi_patch_missing()\ninclude(\"vmware_esx.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201101201-SG\",\n \"4.0.0\",\"ESXi400-201103401-SG\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n\n\n\n\n\n\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-19T16:08:42", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm (VMSA-2011-0004.3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3609", "CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762", "CVE-2010-3435", "CVE-2010-3853"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103453", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103453\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\", \"CVE-2010-3316\", \"CVE-2010-3435\", \"CVE-2010-3853\", \"CVE-2010-2059\", \"CVE-2010-3609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm (VMSA-2011-0004.3)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 10:51:14 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2011-0004.html\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.\");\n\n script_tag(name:\"affected\", value:\"VMware ESXi 4.1 without patch ESXi410-201101201-SG\n\n VMware ESXi 4.0 without patch ESXi400-201103401-SG\n\n VMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG\n\n VMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG\");\n\n script_tag(name:\"impact\", value:\"a. Service Location Protocol daemon DoS\n\n Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.\");\n\n script_tag(name:\"insight\", value:\"Service Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates\n for bind, pam, and rpm.\n\n a. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD).\n\n b. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security\n issues.\n\n c. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\n d. Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which\n resolves a security issue.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"vmware_esx.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201101201-SG\",\n \"4.0.0\", \"ESXi400-201103401-SG\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:47", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-01.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-01 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0414", "CVE-2011-2464", "CVE-2010-3615", "CVE-2011-2465", "CVE-2010-3614", "CVE-2010-3613", "CVE-2011-4313", "CVE-2010-3762", "CVE-2011-1910"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071545", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_01.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71545\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\", \"CVE-2010-3762\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\", \"CVE-2011-4313\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:52 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-01 (bind)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in BIND, the worst of\n which allowing to cause remote Denial of Service.\");\n script_tag(name:\"solution\", value:\"All bind users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1'\n\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since December 22, 2011. It is likely that your system is\n already no longer affected by this issue.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-01\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=347621\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=356223\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=368863\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=374201\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=374623\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=390753\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-01.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.7.4_p1\"), vulnerable: make_list(\"lt 9.7.4_p1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:50:46", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-01.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-01 (bind)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0414", "CVE-2011-2464", "CVE-2010-3615", "CVE-2011-2465", "CVE-2010-3614", "CVE-2010-3613", "CVE-2011-4313", "CVE-2010-3762", "CVE-2011-1910"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71545", "href": "http://plugins.openvas.org/nasl.php?oid=71545", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in BIND, the worst of\n which allowing to cause remote Denial of Service.\";\ntag_solution = \"All bind users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1'\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since December 22, 2011. It is likely that your system is\n already\n no longer affected by this issue.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=347621\nhttp://bugs.gentoo.org/show_bug.cgi?id=356223\nhttp://bugs.gentoo.org/show_bug.cgi?id=368863\nhttp://bugs.gentoo.org/show_bug.cgi?id=374201\nhttp://bugs.gentoo.org/show_bug.cgi?id=374623\nhttp://bugs.gentoo.org/show_bug.cgi?id=390753\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-01.\";\n\n \n \nif(description)\n{\n script_id(71545);\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3615\", \"CVE-2010-3762\", \"CVE-2011-0414\", \"CVE-2011-1910\", \"CVE-2011-2464\", \"CVE-2011-2465\", \"CVE-2011-4313\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:52 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-01 (bind)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-dns/bind\", unaffected: make_list(\"ge 9.7.4_p1\"), vulnerable: make_list(\"lt 9.7.4_p1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-04-27T19:22:38", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310802336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802336\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5000\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5002\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.6\\.8\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\");\n script_tag(name:\"affected\", value:\"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\");\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Run Mac Updates and update the Security Update 2011-006\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n report = report_fixed_ver(installed_version:osVer, vulnerable_range:\"Equal to 10.6.8\");\n security_message(port:0, data:report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:19:54", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.", "cvss3": {}, "published": "2011-10-20T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:802336", "href": "http://plugins.openvas.org/nasl.php?oid=802336", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su11-006.nasl 7029 2017-08-31 11:51:40Z teissa $\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,\n CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,\n iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,\n Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,\n User Documentation, Web Server and X11.\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Run Mac Updates and update the Security Update 2011-006\n For updates refer to http://support.apple.com/kb/HT1222\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.\";\n\nif(description)\n{\n script_id(802336);\n script_version(\"$Revision: 7029 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-31 13:51:40 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)\");\n script_cve_id(\"CVE-2011-0419\", \"CVE-2011-3192\", \"CVE-2011-0185\", \"CVE-2011-3437\",\n \"CVE-2011-0229\", \"CVE-2011-0230\", \"CVE-2011-1910\", \"CVE-2011-2464\",\n \"CVE-2009-4022\", \"CVE-2010-0097\", \"CVE-2010-3613\", \"CVE-2010-3614\",\n \"CVE-2011-0231\", \"CVE-2011-3246\", \"CVE-2011-0259\", \"CVE-2011-0187\",\n \"CVE-2011-0224\", \"CVE-2011-0260\", \"CVE-2011-3212\", \"CVE-2011-3213\",\n \"CVE-2011-3214\", \"CVE-2011-1755\", \"CVE-2011-3215\", \"CVE-2011-3216\",\n \"CVE-2011-3227\", \"CVE-2011-0707\", \"CVE-2011-3217\", \"CVE-2011-3435\",\n \"CVE-2010-3436\", \"CVE-2010-4645\", \"CVE-2011-0420\", \"CVE-2011-0421\",\n \"CVE-2011-0708\", \"CVE-2011-1092\", \"CVE-2011-1153\", \"CVE-2011-1466\",\n \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\",\n \"CVE-2011-1471\", \"CVE-2011-0411\", \"CVE-2010-1634\", \"CVE-2010-2089\",\n \"CVE-2011-1521\", \"CVE-2011-3228\", \"CVE-2011-0249\", \"CVE-2011-0250\",\n \"CVE-2011-0251\", \"CVE-2011-0252\", \"CVE-2011-3218\", \"CVE-2011-3219\",\n \"CVE-2011-3220\", \"CVE-2011-3221\", \"CVE-2011-3222\", \"CVE-2011-3223\",\n \"CVE-2011-3225\", \"CVE-2010-1157\", \"CVE-2010-2227\", \"CVE-2010-3718\",\n \"CVE-2010-4172\", \"CVE-2011-0013\", \"CVE-2011-0534\", \"CVE-2011-3224\",\n \"CVE-2011-2690\", \"CVE-2011-2691\", \"CVE-2011-2692\", \"CVE-2011-3436\",\n \"CVE-2011-3226\", \"CVE-2011-0226\");\n script_bugtraq_id(47820, 49303, 50092, 50112, 50091, 50099, 48007, 48566, 37118,\n 37865, 45133, 45137, 50098, 50115, 50067, 46992, 50095, 50120,\n 50109, 50116, 50111, 48250, 50113, 50121, 50129, 46464, 50117,\n 50114, 50146, 50153, 48619, 48660, 48618, 44723, 45668, 46429,\n 46354, 46365, 46786, 46854, 46967, 46968, 46977, 46970, 46969,\n 46975, 46767, 40370, 40863, 47024, 50127, 48993, 49038, 50122,\n 50068, 50130, 50131, 50100, 50101, 50144, 39635, 41544, 46177,\n 45015, 46174, 46164, 50150);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5000\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5002\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n ## Check for the security update 2011.006\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.006\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:10", "description": "[32:9.7.0-5.P2.1]\n- fix CVE-2010-3613 and CVE-2010-3614", "cvss3": {}, "published": "2011-02-10T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2011-02-10T00:00:00", "id": "ELSA-2010-0975", "href": "http://linux.oracle.com/errata/ELSA-2010-0975.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:53", "description": "[30:9.3.6-4.P1.3]\n- fixes for CVE-2010-3762, CVE-2010-3613 and CVE-2010-3614", "cvss3": {}, "published": "2010-12-13T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2010-12-13T00:00:00", "id": "ELSA-2010-0976", "href": "http://linux.oracle.com/errata/ELSA-2010-0976.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:20", "description": "[20:9.2.4-30.6]\n- fix CVE-2010-3613", "cvss3": {}, "published": "2010-12-20T00:00:00", "type": "oraclelinux", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3613"], "modified": "2010-12-20T00:00:00", "id": "ELSA-2010-1000", "href": "http://linux.oracle.com/errata/ELSA-2010-1000.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:39", "description": "DoS, information leaks.", "edition": 1, "cvss3": {}, "published": "2010-12-06T00:00:00", "type": "securityvulns", "title": "bind named DNS server vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2010-12-06T00:00:00", "id": "SECURITYVULNS:VULN:11279", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11279", "sourceData": "", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "description": "===========================================================\r\nUbuntu Security Notice USN-1025-1 December 01, 2010\r\nbind9 vulnerabilities\r\nCVE-2010-3613, CVE-2010-3614\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 9.10\r\nUbuntu 10.04 LTS\r\nUbuntu 10.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n libdns23 1:9.3.2-2ubuntu1.12\r\n\r\nUbuntu 8.04 LTS:\r\n libdns36 1:9.4.2.dfsg.P2-2ubuntu0.6\r\n\r\nUbuntu 9.10:\r\n libdns53 1:9.6.1.dfsg.P1-3ubuntu0.4\r\n\r\nUbuntu 10.04 LTS:\r\n libdns64 1:9.7.0.dfsg.P1-1ubuntu0.1\r\n\r\nUbuntu 10.10:\r\n libdns66 1:9.7.1.dfsg.P2-2ubuntu0.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that Bind would incorrectly allow a ncache entry and a\r\nrrsig for the same type. A remote attacker could exploit this to cause\r\nBind to crash, resulting in a denial of service. &#40;CVE-2010-3613&#41;\r\n\r\nIt was discovered that Bind would incorrectly mark zone data as insecure\r\nwhen the zone is undergoing a key algorithm rollover. &#40;CVE-2010-3614&#41;\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.12.diff.gz\r\n Size/MD5: 110912 1465f8fc6971d7405c3a6f0599f4f1c8\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.12.dsc\r\n Size/MD5: 1426 91818d0547f21cb82a4027f9f3bd04a3\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz\r\n Size/MD5: 5302112 55e709501a7780233c36e25ccd15ece2\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.12_all.deb\r\n Size/MD5: 181478 aa9ca99c8a542129db1f5dee581fd0c9\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 112696 a8a1f21148cd788763fd6f7d7cd1042c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 312202 73ddb9cf27f255379ee7f684499d9f54\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 185526 9de3a6c5c5189fe099a0e49beaf8c000\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 1131194 d6df2ae2dbfab1d8b9c93bbdb701683c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 92722 a74cfe962e6791f781bb32c5dec7a782\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 79694 49c338d130adef76380116db191480fa\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 558340 8006d8555ede433ae7569c68b4ff473c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 191200 11ced804a5cdcf1e37f3091f3e56a3ce\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 93852 d7020f6e152f665bd5703d516c53cdc4\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 109720 1432d5cb4fa94a8857a39ecbe7e151bc\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 112064 3a3d538665cb08c9f91c95559af408fd\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.12_amd64.deb\r\n Size/MD5: 220578 71dbe3a4763e932e26649ba98e5acc46\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 109554 3eac70d28dc17a33d654c7b64f5d19a9\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 291192 79a88e11c0275eb47efd9c75a91e5e41\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 176184 8ee0bfe83aeedd5e50c3c8946fd77a6d\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 999352 0be8b68c03a7f6e3eaf619befeab50b0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 91886 a95595de89b57f4ec519158055dac95e\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 79594 8b1ffadbdea2ee0c7e7639ccfa8c7232\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 483962 783fae12777e3c56f184dc6faa976e4e\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 173168 4a720994ed1455cf210731304a0f3b9c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 91340 126ade9410fd1ef7f3e7dcb9e518c751\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 103144 e45f6f2b2cee3a280ce32a20fd878d8e\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 107792 9345ce11152e50c711094114f1fb1ab9\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.12_i386.deb\r\n Size/MD5: 203764 e89cf5174f6a373f0cac855f796ce543\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 111184 508676712007182dacae9352ffd47c98\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 304268 4c3de1c81b8a1ec8e34d9c26ad24b811\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 182326 65ee12ecc814923f252f00babde73a1c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 1205564 df3195ddb9e795718d8fa121bc248ca0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 94016 1600a68bc704465f78fe937d051bd3c5\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 79694 0bbf11d824628b21c747c4454df395e0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 517978 101faa2efa54ca4ac0596d55c3fe2492\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 182978 633473c29a605b81ac5ed56d1473df41\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 94214 f217450a96728357b9c0d0bb1dd3ab8b\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 107098 18ca69bac92e80836268db59fb297047\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 111608 63efc27821d10a0d5cab7a1b24693aad\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.12_powerpc.deb\r\n Size/MD5: 208544 4a6c35b148a49d8d13119d7c74933b10\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 111278 4c8058a056b9d087f4d3f2263966a560\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 302032 6a1d9f6d352d3a564483abb4dd6fb231\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 181598 8ee82772bc2249b385868b166f64b88c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 1117318 11f8029b7e98e8fed22cdb8c19815db5\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 92336 4247d8e094097e26ac5d4e6faee44da6\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 79690 a92634da1e5e91287083d04d31903f5d\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns23_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 512394 21717b28aec9818854393f0a5bf0456a\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 181940 132d3a000ab501421c502809e89b6c5f\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 91836 72c066e0c0b62610c3ce0899c290ed7a\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 104510 b0db47840d91c89e4bcb43348e8659d2\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 107352 eea3bfc702093caf0dfd851a9fc7350f\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.12_sparc.deb\r\n Size/MD5: 211850 9f756e3b88cf1e01d7fffab81cbf7e27\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6.diff.gz\r\n Size/MD5: 236216 600c295cd4aab666db0bb385d915989f\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6.dsc\r\n Size/MD5: 1641 a2a54de1ea2a4666169e155b38c39482\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2.orig.tar.gz\r\n Size/MD5: 5013832 9fe376b7121db146b19c6b5b248436df\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2.dfsg.P2-2ubuntu0.6_all.deb\r\n Size/MD5: 242224 f42cd9a00671669eba4736fc290859dd\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 60828 b310ae88caf294cda8de29e1ea7c325b\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 288964 29baa06ee2272b6b25c0ca5ffa31e499\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 144384 c9d56782f3351b5b4d10466e104f41ba\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 1192394 6c9c4fc0313a389ae849e0ed7fbd79ec\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 28184 bacf8b41cc7574487767a8713d8ab2d9\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 11326 d812eda5c64878216bf6ee375a6ca084\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 551106 02d7bcafacd72f8fe47a5fe0d52f12e1\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 139606 71d9cb9a8d2daaff4f6113ef46243688\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 25640 39b1d0fe39fcca9c40dd07b4b7f6756f\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 45658 981a90a1e1424c957bfc8c54098889cc\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 43720 2e9c12f7c5930c3df80fd22b8e0a6f2e\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.6_amd64.deb\r\n Size/MD5: 171902 e32cfdffd414ed486a9b91fc2abadc24\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 57446 db54af35f90bdd34a1642596af8d51aa\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 271260 a4619caebca20db84be6c33cb980cce5\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 135816 e184fe4437f7f5d7bfb63c3e57c35c71\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 1069314 fd9ca5ad36d6f748ee88d3bda3c91840\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 28214 e0c53ec3036d4cee2f7772f3ccbbd163\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 11334 311ae27d888d5eb724ab4092da0a0fa0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 494876 437a2827c1c35d3d95eeec46e0fba1b5\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 127450 11f3aaf7d70710d17e31ebbf01805bc0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 23842 ee3b434a2504961f5b703fdb3e7eb517\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 39124 9c57802ea4fb4c701bde2ecaabe256ec\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 41058 744478d9190ef1451a99232fdeb8cf8d\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.6_i386.deb\r\n Size/MD5: 160016 b2e3b3232ead7520bd6a2ae783b87ae2\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 58374 11137e6bb4baceecceec60a4873ef9d2\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 269126 912c7ea5bd99b816a176dcce018de3ee\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 137746 a97290bd1f56e2893b32eaf69cf46bad\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 1071378 f091a123057436d6d5c8e4263122b64e\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 28198 ace9d79d6fd05214555a6deded70d4e0\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 11326 4dd6ecfcdb8404e707fbe161c4551c1f\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 489730 645a4c80e5f9cec3430c582460f6e5fe\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 124146 e61a4cadf33f5055b84cc9232c73e851\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 23552 50e2c1e61949515451b3560dc59faa4a\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 38560 3aefd2e24112c636aebf9bd8319643b5\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 40716 30a76515c2f5f896b115f6f2c9055ce6\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.6_lpia.deb\r\n Size/MD5: 159926 266124dd276d743fdf934f1d17a530d4\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 62140 90faeac699cdc39d2830658a23b85466\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 298674 52d10cc1290a434d4e90b483dda87d2a\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 150718 4add0bb5a21ea08b0bfe2808c8c1c742\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 1274462 937572e69077e46e34c40592edbe5a1c\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 30696 0bc3e877ebad83b5a733f891e9021c0f\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 11332 a33e717bd969864646fb00a97c1cd60e\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 530562 c7ab29bfc5e70f82222c786b198061ff\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 139284 19bd3b7add96c25f620a3471ac3d71db\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 27330 3f0a11a6944c5d186ed42353861e0ab0\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 44516 0f700e1e3fe99af0459febb38188c907\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 45188 9c027f80ecd9bc02af35618c0236619c\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.6_powerpc.deb\r\n Size/MD5: 173108 24aa52415b6ab34fd909b5f60fcb6cdd\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 60112 7bc6c92e914dacb5a41b4c485a2372ec\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 283528 820f40420e41afd81e82cd72fce27c5c\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 142912 be011f931601a0094d1df3b408b9ef78\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 1181272 86788948034e7f6bbc7f1cfac8ff88c7\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 27598 ee3071b220d9470bb6b3a6d88210da61\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 11330 9dad7b6566e9b8e363c8b3b97b0d15b9\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns36_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 501362 f028f398c672895eaefe2f02aa54687b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc35_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 129184 52273fca5b73fa6492f8920fe3ddb0e6\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 23662 93a7f28818d38c1bdf83b5a3cfeb93f0\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 39706 1532e1e86804e32682c639b7f998e28e\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 39888 8d94bfbd412aca0a87c5a804afab31f9\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2.dfsg.P2-2ubuntu0.6_sparc.deb\r\n Size/MD5: 171524 0d830281e20d26c56646e4f66a81cbaa\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4.diff.gz\r\n Size/MD5: 229064 b9d450e6b95128d182262a437b9c8169\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4.dsc\r\n Size/MD5: 2275 36bfdc9439054a09d70214142af284fb\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1.orig.tar.gz\r\n Size/MD5: 5111118 164a8f8147ded4bbf4b0e9328f124e9f\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.6.1.dfsg.P1-3ubuntu0.4_all.deb\r\n Size/MD5: 278120 68da5bcbdb392e1acba19a26ded0eaa7\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 66460 c21e623615c7766fd47f356b363f6443\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 289586 c584480cdd5f29014a590811beaaa850\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 105606 f2d516f25b1f1509f1bfc3e199cac340\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 157546 3979eee453149701e9abe502abbae729\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 1415912 2a1438426cf1a77839f66f57de996141\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 33452 8bf0200ace6e86e05fd529508a1c8f73\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 14726 79717b8dea10978fbb67291ce89e7f27\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 656886 965c44d2ada63670f2d4c0b5c1b8c07c\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 167786 37c5c50aa972d75386f2796310fd7dd9\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 29294 9753ee25e76f75a32cd9ccb817b173ff\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 51470 3b81a88a4a889368fc8df808fc262354\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 47612 94a4eb09e189fe96495b4262c995e2b2\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.4_amd64.deb\r\n Size/MD5: 224878 3503fb3e84f817cd6e46ebc68b3fba6d\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 63322 cd474caeb733204137db683be452479f\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 274516 e294a1a653de06f4e6af3f95cb7218c2\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 97380 9cf52cba7f55d4ceef95b2cb6a7163f6\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 147556 b40206980a6147b64042bd8304ebb77e\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 1345222 cbe1a6260f12831202bb3cba8783ecc4\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 33652 46c96ad0ac1c262fce10cff10e483168\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 14730 1218d0b27ca5d46f62782363ab13c6de\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 602272 ef9283ec8a2e5d38a4e8fb535154bbf3\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 152818 24a1bb34e7b7743719a9df6d47686ffe\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 27776 1d2e13ba873eb9e2b83d0f19875ccb21\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 45072 e1c669cb500bf71f78801e506b895557\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 45872 646c524aa77b6bec33f8f80262d386b1\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.4_i386.deb\r\n Size/MD5: 212150 deb0438c0c948387d1711974bd8ce577\r\n\r\n armel architecture &#40;ARM Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 65798 6f696d67e47389911b2430aee8e2c49e\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 287694 d6699ad45d5261d9190c270ae6787f6a\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 101004 985144ed5748ef3bbbf84291a2da3fd9\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 154114 58af215aa1c3afd5dbab346bce37babb\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 1246252 63192652d6bf04dc627face241b8674b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 32856 5d953b0c4b14c96795f5bebc49d47c5c\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 14744 0c4ad7e69eca4a9d25766e0cc5df3528\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 619444 1abcd979e19c7054283c6d1d062b1cfe\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 157994 b2e3fb22d5e65748e7ec2290b811057c\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 27258 976000f073c1b93a89c3062e4eaf013c\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 43818 d3ef2e2fd316626a04f3232021e426f4\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 44320 a63d10b88ef868660eb40983b559de9c\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.4_armel.deb\r\n Size/MD5: 222772 c2e497c1b0fb4f6ebc7ecf9b77cf0951\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 63802 b9250766ac25ccb21712a88cc3e8b70d\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 274806 4ca0c61d027f06af6c194bf6b0baee08\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 97318 825f8173c661f90c38260e1d54981328\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 148870 f44e4eb37415caf4596cb88d1805e3d7\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 1336962 ed2d8cd36dc155e1de42088f5eb28616\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 33742 fcd2aa831b03eac9d37675ec82bc6724\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 14724 b0c71bcb67e3bb1a020cd31deb92d33b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 601922 4b8ef7fe1c3d6a2e0d4f951355527d71\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 149758 1054c5efac47f8508303ac16b38b8190\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 27506 b6c1e75d57d5dad8e5cdca942ee23eeb\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 44598 08a0343037a26e2c17934c3a2d680941\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 45562 df535ad5858cd156badfa1bb8df8df7a\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.4_lpia.deb\r\n Size/MD5: 211598 b87e88591d4447ca1588f0a25013cabf\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 66526 31875fa299ff26cf0ee7d2358d40e4ed\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 292036 8a368d8dae7749026ec5211e7040a507\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 102722 9d0a64b68ed663764049a0c99b68279a\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 157338 c505bbdc2f902fbeeebaaaf9f78d480b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 1310422 d077b8d5ffdd35bcc51d77070553571f\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 34126 d023f0bbb0e06543a52dd224d544914d\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 14732 5c38843efeabc5b579c828cf9f975a2e\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 630038 89021a988c7ed9270cceec6988bb128b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 160786 b5cc1b44d4adc713fe8081a21526ab00\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 28826 1c5363a10e334603fda5f34483a8ee5c\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 47740 2ce0813f6e65e2c11c999db1b815dc7b\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 46618 a17c24becf24fc4c65f4799030a7a50d\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.4_powerpc.deb\r\n Size/MD5: 228512 dd26dfc7b9bed7886c8f13854e10d3cd\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 64202 37e40e5d6cda90bb3daaba502705733e\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 276446 ec1ecdc54adf43851077badc8337a5d4\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 99858 1798a2a8c1fdc048e0b7a0550d0af5ec\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 151178 2c89c42d39d6a39c78b1a3a4b1dee139\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 1421262 a5ee10b2776de541dd417e1be0797a3b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-50_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 32930 c0f3124e740581ecb1d975d7858beaf7\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns50_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 14728 977f7cc046ff2ea4931a9a3a2fa49854\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns53_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 592906 24e3c9323879db6c5f4f025281040b1a\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc50_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 152076 2965e21992d3d073fa265b0d52c4d880\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc50_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 27072 522484e2bec4aa6100ba84c056aa2986\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg50_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 45006 b28291b99debf05fe5580d37b05d5d47\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres50_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 43672 5a26369c3e7187336e9115ec0c7cc6bc\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.6.1.dfsg.P1-3ubuntu0.4_sparc.deb\r\n Size/MD5: 214244 ac5bd08e63fcef3809fd9cacb1b5bf49\r\n\r\nUpdated packages for Ubuntu 10.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1.diff.gz\r\n Size/MD5: 599934 88f9261ff9539d15b916234086e0e366\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1.dsc\r\n Size/MD5: 2265 6d5a35bcca785a5e4e909b61cab59eac\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.0.dfsg.P1.orig.tar.gz\r\n Size/MD5: 5704315 39892aaded3966225856671be5dd77a3\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.7.0.dfsg.P1-1ubuntu0.1_all.deb\r\n Size/MD5: 325660 eecc4f2feb16516fe2f6c472953d92d6\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 68534 db61a44061e7e35146613c90c49bc9a9\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 343004 0ed7ad345b02b1e3c06c48c9ee72a59d\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 117588 742ccfaa7fd8f23f9cef5a7f1c0c3118\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 161410 c2dac899d1e5803be2c8d0cd56c9d0b0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 1474942 d8bd62e14c8dc20a28615884cf3718a6\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-60_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 34424 bf65c3379bd8a81d7a038991a5ff1849\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns64_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 691076 5d24bd31c675f8311026b20ee37bb089\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc60_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 169312 5b0f109a9ad64f686c910b1039f20ece\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc60_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 29664 c24ee2a9e52b390569d4b8d44dd01eba\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg60_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 52890 08013e0105ac16c54afd021db327a2fe\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres60_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 48222 c3a9b6474698cdac0a995700998292b0\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.7.0.dfsg.P1-1ubuntu0.1_amd64.deb\r\n Size/MD5: 234858 06dff46b101805e1662b932a06456a0e\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 64946 e6a853bf12fb1dff7ef66a9fd132a215\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 321800 5cc95d54efb0aab2c7a6a806c1d140bc\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 111636 ce64cb8111d5cbe8301023f940feebc9\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 150942 c612bb015558fb95dcb8b917b44eb199\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 1405128 5201fa79c4f561f6b38b0cb802e57b14\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-60_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 34686 16a30aa4f610e89df90dfa798b09a639\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns64_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 650434 b78df941c250f3e1b8ec4c37a68ab2e6\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc60_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 156684 7e00eb5598721f357471e3aa24986293\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc60_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 28166 b690c9a2bfba1f8cb230e53e90a6d701\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg60_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 46306 15e5fdfd2ac8428eafd568dcbdf4b2e5\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres60_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 46712 c3c333c82d8658e304e4cb1017421dde\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.7.0.dfsg.P1-1ubuntu0.1_i386.deb\r\n Size/MD5: 222392 3f84408edfc47d62b10781cb6d1ae90a\r\n\r\n armel architecture &#40;ARM Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 64916 ebeb725bd203d90c853fcff6eee2f401\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 331422 7745c991053fcc40566ce1599e231146\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 112890 0d1ed47c5ea99171401b7d219b5f089f\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 151464 65b3fb0844a93f8dde21fceb4f031955\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 1371308 30ae5691e9f506ef94c5a3523172e783\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 33930 e2c403a5af23927450f7b646d97ce11a\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns64_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 621136 b4ef8dfd5d4480af141329bda49c8e44\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 150574 e6f6ad5ce5c49d9a9060d08a45bf090a\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 27044 121200b177cd8721f2b0e90b740e0010\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 44412 e5c5747b59d0198d86e999283a240c57\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 43258 3087b14f5979a418e7d0b5ff736c0b6e\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.0.dfsg.P1-1ubuntu0.1_armel.deb\r\n Size/MD5: 224212 811f03973d0b962dbc5783cec3e977b7\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 68690 ba96455989517da8f3b3ba40fda9ea93\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 339238 739bf11405e5f05634e191bcc93e8bf2\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 119002 52de1eb4118850c142f790ed8352c7a3\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 161152 3bce2a3a30deec0563a0e271f6049317\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 1379378 6e7e068fa08bba276e41666cbdef9698\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 35148 6852239dfa0583fcd08f1dabe8d8c2ab\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns64_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 668482 9a36df78c081f5ac4b41f3b1e4d2b29e\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 162494 d87b3164e4e892e445320143b9c6e805\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 28996 bbf5ca57165149f928ff7985eb74a50d\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 48902 c4de8a1bdb3cbdaff0ad040b4e3ecab9\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 47158 093daa5f6d945a80ad8a71a9f560f50f\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.0.dfsg.P1-1ubuntu0.1_powerpc.deb\r\n Size/MD5: 235798 c7b1fef9545bd09c4523170cb8f21031\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 67404 eb3ab4045758d27e97c32e037998f95c\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 331450 b339a7cfedf9bda886b8c65ebb61cba0\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 116726 6db462ff21b7d52970c6732e1fcc8b9e\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 159976 0dc4bcff553157ecae4e06f14d3c9dc4\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 1483196 eeacc80596d7f8f48eb8160be6dba459\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 34208 6acfba03e9b1505f66f680e663ee7582\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns64_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 647340 450db966cfb485c51ef9f7cc8dde8717\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 159566 4131cc1ee34f448ea71e768b9483a78e\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 27814 2d2e35805681ac4a089ff773ec67e744\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 46912 897a38366e1d174e660dea57a34a868c\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 44698 5659767358ab829546e650d79cf0638e\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.0.dfsg.P1-1ubuntu0.1_sparc.deb\r\n Size/MD5: 230968 9fce76005bacde08512327f15bd4ce28\r\n\r\nUpdated packages for Ubuntu 10.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.1.debian.tar.gz\r\n Size/MD5: 633331 7f6313173d7b9e9e20dcb0bfef8f5321\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.1.dsc\r\n Size/MD5: 2297 71bd74abc581627156989cf9668f4bde\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2.orig.tar.gz\r\n Size/MD5: 6104039 a09aab2a215166e37b741d78d776dfbc\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.7.1.dfsg.P2-2ubuntu0.1_all.deb\r\n Size/MD5: 330276 1ac7f98929e33e8c471969fbc22e7efc\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/host_9.7.1.dfsg.P2-2ubuntu0.1_all.deb\r\n Size/MD5: 17428 182a7280846862d88080bb817dbd48bb\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 69790 63f796fd18192eeee2455e9a89478009\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 339750 49f97c073335a1d695b2e5dee1c18605\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 118018 e8a96497b5b528585c7fbf836b9d93ba\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 161302 ad2d8ec0de40d5a5a882139d0de97823\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 1488772 0bb7eca77c0e2ebcc2cdadbc76f3ee71\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 37046 ceedc4ee00fd459868479acffe0489a7\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 696254 09dff777bbd6f6dc7fd386baa0a7487b\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 169604 386189472215894185a8eaf1ce0130c5\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 31420 7fec807afacb4d2838aa30c88d2c866d\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 54576 bcb003effca270da8514a79cf48304d4\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 50026 2d888871292bc9604dd1597e70ff26fd\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.1_amd64.deb\r\n Size/MD5: 234220 f15273557e4650af774f86af00b5a5b6\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 66236 64cb0679aaabccec3f8768d692465481\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 321064 c495d6ddf213827efe6ea48e13535898\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 111644 3fbdee0ef1ac95c8f729c334c3eac90e\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 150704 6e7c5543b96b27c9e94d18804a517178\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 1417146 eda7daf3a4bcf27cb53f31b26f44169b\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 37276 b48efcdca504330c22b11d4d3b2d61c0\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 654126 926358dee784ec89b5816f8322d72849\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 156544 179d8dd04653902817e131e926269fbd\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 29968 db742c078ba3a66cb457d52ced5d8f71\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 47844 db5ac95637815f22f7b1f8d9cc058acc\r\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 48564 13c38f58f7c552571a2bd80459ce9b89\r\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.1_i386.deb\r\n Size/MD5: 221234 ad0ecbf4fc41800f6e3b27a4c66d6d47\r\n\r\n armel architecture &#40;ARM Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 67710 d04b47272a25c32d69f5c6faaab72770\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 334158 b9d56dceaeb0be2f41b6af1c2dea7bcf\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 115586 0c13cb898de16aa0478acf2b0eeeb0c9\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 157214 58937a4f57b4c87c8cdeab60bb8927e0\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 1446044 f494d8735ee42a4381bef6d18c037ed3\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 37194 490e3380cbcde9dc44626e78d0d2fad8\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 667772 651a6b64f69c4ab3c4703f84b6ab847f\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 165762 256bbb589b213e6bd0777af08b0af66b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 29388 1e47aaaa668e13f6597e556433d3fc6e\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 46744 6b9798ba13d74c319049be0696a2c471\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 47068 6fcda8d814e6fea500481ccb2060cb00\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.1_armel.deb\r\n Size/MD5: 231804 94f487a9cecc52ce86dfbf085ff1eedb\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 69786 6fce53a39cbfdce1236e4289f73292ae\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 338476 d12a4bf95ed066eb5799ec7725a16293\r\n http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 119298 757a3ec5c2f93593f726bec496c10bdc\r\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 160610 95ec11270e1a96611e720023d022f26d\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 1390008 6dd01e5accbd4e95be249cfc02716b17\r\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 37634 a87680f0d540569d6728bf658d8f052b\r\n http://ports.ubuntu.com/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 672206 c8b0ceac93722bab73575e419c068b78\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 162406 5ca8cf12a7ee30871e06e37fa68dc883\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 30692 07b6fe2d7e30780ba3452de65278be1d\r\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 50610 c5b95cc67b38a105c1ea9c41ca5498a9\r\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 48872 9560ab4c699c9bb38bfaf03c606430e6\r\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.1_powerpc.deb\r\n Size/MD5: 235214 9a726db060bbdc59abb18c54b2b573e0\r\n\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2010-12-06T00:00:00", "type": "securityvulns", "title": "[USN-1025-1] Bind vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613"], "modified": "2010-12-06T00:00:00", "id": "SECURITYVULNS:DOC:25246", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25246", "sourceData": "", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:39", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\n VMware Security Advisory\r\n\r\nAdvisory ID: VMSA-2011-0004\r\nSynopsis: VMware ESX/ESXi SLPD denial of service vulnerability\r\n and ESX third party updates for Service Console\r\n packages bind, pam, and rpm.\r\nIssue date: 2011-03-07\r\nUpdated on: 2011-03-07 &#40;initial release of advisory&#41;\r\nCVE numbers: CVE-2010-3613 CVE-2010-3614 CVE-2010-3762\r\n CVE-2010-3316 CVE-2010-3435 CVE-2010-3853\r\n CVE-2010-2059 CVE-2010-3609\r\n- ------------------------------------------------------------------------\r\n\r\n1. Summary\r\n\r\n Service Location Protocol daemon &#40;SLPD&#41; denial of service issue and\r\n ESX 4.0 Service Console OS &#40;COS&#41; updates for bind, pam, and rpm.\r\n\r\n2. Relevant releases\r\n\r\n VMware ESXi 4.1 without patch ESXi410-201101201-SG.\r\n\r\n VMware ESXi 4.0 without patch ESXi400-201103401-SG.\r\n\r\n VMware ESX 4.1 without patch ESX410-201101201-SG.\r\n\r\n VMware ESX 4.0 without patches ESX400-201103401-SG,\r\n ESX400-201103404-SG, ESX400-201103406-SG, ESX400-201103407-SG.\r\n\r\n3. Problem Description\r\n\r\n a. Service Location Protocol daemon DoS\r\n\r\n This patch fixes a denial-of-service vulnerability in\r\n the Service Location Protocol daemon &#40;SLPD&#41;. Exploitation of this\r\n vulnerability could cause SLPD to consume significant CPU\r\n resources.\r\n\r\n VMware would like to thank Nicolas Gregoire and US CERT for\r\n reporting this issue to us.\r\n\r\n The Common Vulnerabilities and Exposures Project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2010-3609 to this issue.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======== ======= =================\r\n vCenter any Windows not affected\r\n\r\n hosted * any any not affected\r\n\r\n ESXi 4.1 ESXi ESXi410-201101201-SG\r\n ESXi 4.0 ESXi ESXi400-201103401-SG\r\n ESXi 3.5 ESXi not applicable\r\n\r\n ESX 4.1 ESX ESX410-201101201-SG\r\n ESX 4.0 ESX ESX400-201103401-SG\r\n ESX 3.5 ESX not applicable\r\n ESX 3.0.3 ESX not applicable\r\n\r\n * hosted products are VMware Workstation, Player, Fusion.\r\n\r\n b. Service Console update for bind\r\n\r\n This patch updates the bind-libs and bind-utils RPMs to version\r\n 9.3.6-4.P1.el5_5.3, which resolves multiple security issues.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the names CVE-2010-3613, CVE-2010-3614, and\r\n CVE-2010-3762 to these issues.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available. \r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======== ======= =================\r\n vCenter any Windows not affected\r\n\r\n hosted * any any not affected\r\n\r\n ESXi any ESXi not applicable\r\n\r\n ESX 4.1 ESX affected, patch pending\r\n ESX 4.0 ESX ESX400-201103407-SG\r\n ESX 3.5 ESX not applicable\r\n ESX 3.0.3 ESX not applicable\r\n\r\n * hosted products are VMware Workstation, Player, Fusion.\r\n\r\n c. Service Console update for pam\r\n\r\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw,\r\n which resolves multiple security issues with PAM modules.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the names CVE-2010-3316, CVE-2010-3435, and\r\n CVE-2010-3853 to these issues.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======== ======= =================\r\n vCenter any Windows not affected\r\n\r\n hosted * any any not affected\r\n \r\n ESXi any ESXi not applicable\r\n\r\n ESX 4.1 ESX affected, patch pending\r\n ESX 4.0 ESX ESX400-201103404-SG\r\n ESX 3.5 ESX not applicable\r\n ESX 3.0.3 ESX not applicable\r\n\r\n * hosted products are VMware Workstation, Player, Fusion.\r\n\r\n d. Service Console update for rpm, rpm-libs, rpm-python, and popt\r\n\r\n This patch updates rpm, rpm-libs, and rpm-python RPMs to\r\n 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1,\r\n which resolves a security issue.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2010-2059 to this issue.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======== ======= =================\r\n vCenter any Windows not affected\r\n\r\n hosted * any any not affected\r\n\r\n ESXi any ESXi not applicable\r\n\r\n ESX 4.1 ESX affected, patch pending\r\n ESX 4.0 ESX ESX400-201103406-SG\r\n ESX 3.5 ESX not applicable\r\n ESX 3.0.3 ESX not applicable\r\n \r\n * hosted products are VMware Workstation, Player, Fusion.\r\n\r\n\r\n4. Solution\r\n\r\n Please review the patch/release notes for your product and version\r\n and verify the checksum of your downloaded file.\r\n\r\n ESXi 4.1 Installable Update 1\r\n -----------------------------\r\n \r\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_\r\n0\r\n Release Notes:\r\n \r\nhttp://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.ht\r\nml\r\n http://kb.vmware.com/kb/1027919\r\n\r\n File type: .iso\r\n MD5SUM: d68d6c2e040a87cd04cd18c04c22c998\r\n SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64\r\n\r\n ESXi 4.1 Update 1 &#40;upgrade ZIP from ESXi 4.1&#41;\r\n File type: .zip\r\n MD5SUM: 2f1e009c046b20042fae3b7ca42a840f\r\n SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1\r\n\r\n ESXi 4.1 Update 1 &#40;upgrade ZIP from ESXi 4.0&#41;\r\n File type: .zip\r\n MD5SUM: 67b924618d196dafaf268a7691bd1a0f\r\n SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 \r\n\r\n ESXi 4.1 Update 1 &#40;upgrade ZIP from ESXi 3.5&#41;\r\n File type: .zip\r\n MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4\r\n SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 \r\n\r\n VMware Tools CD image for Linux Guest OSes\r\n File type: .iso\r\n MD5SUM: dad66fa8ece1dd121c302f45444daa70\r\n SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af \r\n\r\n VMware vSphere Client\r\n File type: .exe\r\n MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e\r\n SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\r\n\r\n ESXi Installable Update 1 contains the following security bulletins:\r\n ESXi410-201101201-SG.\r\n\r\n ESX 4.1 Update 1\r\n ----------------\r\n \r\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_\r\n0\r\n Release Notes:\r\n \r\nhttp://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.htm\r\nl\r\n http://kb.vmware.com/kb/1029353\r\n\r\n ESX 4.1 Update 1 &#40;DVD ISO&#41;\r\n File type: .iso\r\n md5sum: b9a275b419a20c7bedf31c0bf64f504e\r\n sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 \r\n\r\n ESX 4.1 Update 1 &#40;upgrade ZIP from ESX 4.1&#41;\r\n File type: .zip\r\n md5sum: 2d81a87e994aa2b329036f11d90b4c14\r\n sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 \r\n\r\n Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1\r\n File type: .zip\r\n md5sum: 75f8cebfd55d8a81deb57c27def963c2\r\n sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 \r\n\r\n ESX 4.1 Update 1 &#40;upgrade ZIP from ESX 4.0&#41;\r\n File type: .zip\r\n md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2\r\n sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 \r\n\r\n VMware Tools CD image for Linux Guest OSes\r\n File type: .iso\r\n md5sum: dad66fa8ece1dd121c302f45444daa70\r\n sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af \r\n\r\n VMware vSphere Client\r\n File type: .exe\r\n md5sum: cb6aa91ada1289575355d79e8c2a9f8e\r\n sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\r\n\r\n ESX410-Update01 contains the following security bulletins:\r\n ESX410-201101201-SG &#40;COS kernel, pam_krb5, cURL, OpenSSL,\r\n Apache Tomcat, Oracle &#40;Sun&#41; JRE&#41; | http://kb.vmware.com/kb/1027904\r\n ESX410-201101226-SG &#40;glibc&#41; | http://kb.vmware.com/kb/1031330\r\n\r\n ESX410-Update01 also contains the following non-security bulletins\r\n ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG,\r\n ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG,\r\n ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG,\r\n ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG,\r\n ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG,\r\n ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG.\r\n\r\n To install an individual bulletin use esxupdate with the -b option.\r\n\r\n ESXi 4.0\r\n --------\r\n ESXi400-201103001\r\n \r\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-274-20110303-677\r\n367/ESXi400-201103001.zip\r\n md5sum: a68ef31414573460cdadef4d81fb95d0\r\n sha1sum: 7155e60962b21b5c295a2e9412ac4a445382db31\r\n http://kb.vmware.com/kb/1032823\r\n\r\n ESXi400-201103001 containes the following security bulletins:\r\n ESXi400-201103401-SG &#40;openssl&#41; | http://kb.vmware.com/kb/1032820\r\n ESXi400-201103402-SG | http://kb.vmware.com/kb/1032821\r\n \r\n ESX 4.0\r\n -------\r\n ESX400-201103001\r\n \r\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-273-20110303-574\r\n144/ESX400-201103001.zip\r\n md5sum: 5b9a0cfe6c0ff1467c09c8d115910ff8\r\n sha1sum: 8bfb5df8066a01704eaa24e4d8a34f371816904b\r\n http://kb.vmware.com/kb/1032822\r\n\r\n ESX400-201103001 containes the following security bulletins:\r\n ESX400-201103401-SG &#40;SLPD, openssl, COS kernel&#41; \r\n | http://kb.vmware.com/kb/1032814\r\n ESX400-201103403-SG &#40;JRE, Tomcat&#41; | http://kb.vmware.com/kb/1032815\r\n ESX400-201103404-SG &#40;pam&#41; | http://kb.vmware.com/kb/1032816\r\n ESX400-201103405-SG &#40;bzip2&#41; | http://kb.vmware.com/kb/1032817\r\n ESX400-201103406-SG &#40;popt/rpm&#41; | http://kb.vmware.com/kb/1032818\r\n ESX400-201103407-SG &#40;bind&#41; | http://kb.vmware.com/kb/1032819\r\n5. References\r\n\r\n CVE numbers\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3762\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3316\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3435\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3853\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609\r\n\r\n- ------------------------------------------------------------------------\r\n6. Change log\r\n\r\n2011-03-07 VMSA-2011-0004\r\nInitial security advisory in conjunction with the release of VMware\r\nESX/ESXi 4.0 patches on 2011-03-07\r\n\r\n- -----------------------------------------------------------------------\r\n7. Contact\r\n\r\nE-mail list for product security notifications and announcements:\r\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\r\n\r\nThis Security Advisory is posted to the following lists:\r\n\r\n * security-announce at lists.vmware.com\r\n * bugtraq at securityfocus.com\r\n * full-disclosure at lists.grok.org.uk\r\n\r\nE-mail: security at vmware.com\r\nPGP key at: http://kb.vmware.com/kb/1055\r\n\r\nVMware Security Advisories\r\nhttp://www.vmware.com/security/advisories\r\n\r\nVMware security response policy\r\nhttp://www.vmware.com/support/policies/security_response.html\r\n\r\nGeneral support life cycle policy\r\nhttp://www.vmware.com/support/policies/eos.html\r\n\r\nVMware Infrastructure support life cycle policy\r\nhttp://www.vmware.com/support/policies/eos_vi.html\r\n\r\nCopyright 2011 VMware Inc. All rights reserved.\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: PGP Desktop 9.8.3 &#40;Build 4028&#41;\r\nCharset: utf-8\r\n\r\nwj8DBQFNdceBS2KysvBH1xkRAs3MAJ0ezxEepDLaIgTNPd0v4QBrdw6ssQCfRgPw\r\nXlxhmCY1Md8s4gnoyjDGvnE=\r\n=kJHZ\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2011-03-10T00:00:00", "type": "securityvulns", "title": "VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3609", "CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762", "CVE-2010-3435", "CVE-2010-3853"], "modified": "2011-03-10T00:00:00", "id": "SECURITYVULNS:DOC:25898", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25898", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006\r\n\r\nOS X Lion v10.7.2 and Security Update 2011-006 is now available and\r\naddresses the following:\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Apache is updated to version 2.2.20 to address several\r\nvulnerabilities, the most serious of which may lead to a denial of\r\nservice. CVE-2011-0419 does not affect OS X Lion systems. Further\r\ninformation is available via the Apache web site at\r\nhttp://httpd.apache.org/\r\nCVE-ID\r\nCVE-2011-0419\r\nCVE-2011-3192\r\n\r\nApplication Firewall\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Executing a binary with a maliciously crafted name may lead\r\nto arbitrary code execution with elevated privileges\r\nDescription: A format string vulnerability existed in Application\r\nFirewall&#39;s debug logging.\r\nCVE-ID\r\nCVE-2011-0185 : an anonymous reporter\r\n\r\nATS\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to arbitrary code execution\r\nDescription: A signedness issue existed in ATS&#39; handling of Type 1\r\nfonts. This issue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3437\r\n\r\nATS\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to arbitrary code execution\r\nDescription: An out of bounds memory access issue existed in ATS&#39;\r\nhandling of Type 1 fonts. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0229 : Will Dormann of the CERT/CC\r\n\r\nATS\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Applications which use the ATSFontDeactivate API may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A buffer overflow issue existed in the\r\nATSFontDeactivate API.\r\nCVE-ID\r\nCVE-2011-0230 : Steven Michaud of Mozilla\r\n\r\nBIND\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in BIND 9.7.3\r\nDescription: Multiple denial of service issues existed in BIND\r\n9.7.3. These issues are addressed by updating BIND to version\r\n9.7.3-P3.\r\nCVE-ID\r\nCVE-2011-1910\r\nCVE-2011-2464\r\n\r\nBIND\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in BIND\r\nDescription: Multiple denial of service issues existed in BIND.\r\nThese issues are addressed by updating BIND to version 9.6-ESV-R4-P3.\r\nCVE-ID\r\nCVE-2009-4022\r\nCVE-2010-0097\r\nCVE-2010-3613\r\nCVE-2010-3614\r\nCVE-2011-1910\r\nCVE-2011-2464\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1.\r\nImpact: Root certificates have been updated\r\nDescription: Several trusted certificates were added to the list of\r\nsystem roots. Several existing certificates were updated to their\r\nmost recent version. The complete list of recognized system roots may\r\nbe viewed via the Keychain Access application.\r\n\r\nCFNetwork\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Safari may store cookies it is not configured to accept\r\nDescription: A synchronization issue existed in CFNetwork&#39;s handling\r\nof cookie policies. Safari&#39;s cookie preferences may not be honored,\r\nallowing websites to set cookies that would be blocked were the\r\npreference enforced. This update addresses the issue through improved\r\nhandling of cookie storage.\r\nCVE-ID\r\nCVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin\r\nC. Walker, and Stephen Creswell\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork&#39;s handling of HTTP\r\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\r\nCFNetwork could incorrectly send the cookies for a domain to a server\r\noutside that domain. This issue does not affect systems prior to OS X\r\nLion.\r\nCVE-ID\r\nCVE-2011-3246 : Erling Ellingsen of Facebook\r\n\r\nCoreFoundation\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted website or e-mail message may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in CoreFoundation&#39;s\r\nhandling of string tokenization. This issue does not affect OS X Lion\r\nsystems. This update addresses the issue through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2011-0259 : Apple\r\n\r\nCoreMedia\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of video data from another site\r\nDescription: A cross-origin issue existed in CoreMedia&#39;s handling of\r\ncross-site redirects. This issue is addressed through improved origin\r\ntracking.\r\nCVE-ID\r\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\r\nResearch &#40;MSVR&#41;\r\n\r\nCoreMedia\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of QuickTime movie files. These issues do not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0224 : Apple\r\n\r\nCoreProcesses\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A person with physical access to a system may partially\r\nbypass the screen lock\r\nDescription: A system window, such as a VPN password prompt, that\r\nappeared while the screen was locked may have accepted keystrokes\r\nwhile the screen was locked. This issue is addressed by preventing\r\nsystem windows from requesting keystrokes while the screen is locked.\r\nThis issue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-0260 : Clint Tseng of the University of Washington, Michael\r\nKobb, and Adam Kemp\r\n\r\nCoreStorage\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Converting to FileVault does not erase all existing data\r\nDescription: After enabling FileVault, approximately 250MB at the\r\nstart of the volume was left unencrypted on the disk in an unused\r\narea. Only data which was present on the volume before FileVault was\r\nenabled was left unencrypted. This issue is addressed by erasing this\r\narea when enabling FileVault, and on the first use of an encrypted\r\nvolume affected by this issue. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3212 : Judson Powers of ATC-NY\r\n\r\nFile Systems\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: An attacker in a privileged network position may manipulate\r\nHTTPS server certificates, leading to the disclosure of sensitive\r\ninformation\r\nDescription: An issue existed in the handling of WebDAV volumes on\r\nHTTPS servers. If the server presented a certificate chain that could\r\nnot be automatically verified, a warning was displayed and the\r\nconnection was closed. If the user clicked the &quot;Continue&quot; button in\r\nthe warning dialog, any certificate was accepted on the following\r\nconnection to that server. An attacker in a privileged network\r\nposition may have manipulated the connection to obtain sensitive\r\ninformation or take action on the server on the user&#39;s behalf. This\r\nupdate addresses the issue by validating that the certificate\r\nreceived on the second connection is the same certificate originally\r\npresented to the user.\r\nCVE-ID\r\nCVE-2011-3213 : Apple\r\n\r\nIOGraphics\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: A person with physical access may be able to bypass the\r\nscreen lock\r\nDescription: An issue existed with the screen lock when used with\r\nApple Cinema Displays. When a password is required to wake from\r\nsleep, a person with physical access may be able to access the system\r\nwithout entering a password if the system is in display sleep mode.\r\nThis update addresses the issue by ensuring that the lock screen is\r\ncorrectly activated in display sleep mode. This issue does not affect\r\nOS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3214 : Apple\r\n\r\niChat Server\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: A remote attacker may cause the Jabber server to consume\r\nsystem resources disproportionately\r\nDescription: An issue existed in the handling of XML external\r\nentities in jabberd2, a server for the Extensible Messaging and\r\nPresence Protocol &#40;XMPP&#41;. jabberd2 expands external entities in\r\nincoming requests. This allows an attacker to consume system\r\nresources very quickly, denying service to legitimate users of the\r\nserver. This update addresses the issue by disabling entity expansion\r\nin incoming requests.\r\nCVE-ID\r\nCVE-2011-1755\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A person with physical access may be able to access the\r\nuser&#39;s password\r\nDescription: A logic error in the kernel&#39;s DMA protection permitted\r\nfirewire DMA at loginwindow, boot, and shutdown, although not at\r\nscreen lock. This update addresses the issue by preventing firewire\r\nDMA at all states where the user is not logged in.\r\nCVE-ID\r\nCVE-2011-3215 : Passware, Inc.\r\n\r\nKernel\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: An unprivileged user may be able to delete another user&#39;s\r\nfiles in a shared directory\r\nDescription: A logic error existed in the kernel&#39;s handling of file\r\ndeletions in directories with the sticky bit.\r\nCVE-ID\r\nCVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer,\r\nand Allan Schmid and Oliver Jeckel of brainworks Training\r\n\r\nlibsecurity\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted website or e-mail message may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An error handling issue existed when parsing a\r\nnonstandard certificate revocation list extension.\r\nCVE-ID\r\nCVE-2011-3227 : Richard Godbee of Virginia Tech\r\n\r\nMailman\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Mailman 2.1.14\r\nDescription: Multiple cross-site scripting issues existed in Mailman\r\n2.1.14. These issues are addressed by improved encoding of characters\r\nin HTML output. Further information is available via the Mailman site\r\nat http://mail.python.org/pipermail/mailman-\r\nannounce/2011-February/000158.html This issue does not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0707\r\n\r\nMediaKit\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Opening a maliciously crafted disk image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of disk images. These issues do not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-3217 : Apple\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Any user may read another local user&#39;s password data\r\nDescription: An access control issue existed in Open Directory. This\r\nissue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and\r\nPatrick Dunstan at defenseindepth.net\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: An authenticated user may change that account&#39;s password\r\nwithout providing the current password\r\nDescription: An access control issue existed in Open Directory. This\r\nissue does not affect systems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3436 : Patrick Dunstan at defenceindepth.net\r\n\r\nOpen Directory\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A user may be able to log in without a password\r\nDescription: When Open Directory is bound to an LDAPv3 server using\r\nRFC2307 or custom mappings, such that there is no\r\nAuthenticationAuthority attribute for a user, an LDAP user may be\r\nallowed to log in without a password. This issue does not affect\r\nsystems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin,\r\nSteven Eppler of Colorado Mesa University, Hugh Cole-Baker, and\r\nFrederic Metoz of Institut de Biologie Structurale\r\n\r\nPHP\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A signedness issue existed in FreeType&#39;s handling of\r\nType 1 fonts. This issue is addressed by updating FreeType to version\r\n2.4.6. This issue does not affect systems prior to OS X Lion. Further\r\ninformation is available via the FreeType site at\r\nhttp://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-0226\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in libpng 1.4.3\r\nDescription: libpng is updated to version 1.5.4 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-2690\r\nCVE-2011-2691\r\nCVE-2011-2692\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in PHP 5.3.4\r\nDescription: PHP is updated to version 5.3.6 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. This issues do not affect OS X Lion systems. Further\r\ninformation is available via the PHP website at http://www.php.net/\r\nCVE-ID\r\nCVE-2010-3436\r\nCVE-2010-4645\r\nCVE-2011-0420\r\nCVE-2011-0421\r\nCVE-2011-0708\r\nCVE-2011-1092\r\nCVE-2011-1153\r\nCVE-2011-1466\r\nCVE-2011-1467\r\nCVE-2011-1468\r\nCVE-2011-1469\r\nCVE-2011-1470\r\nCVE-2011-1471\r\n\r\npostfix\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may manipulate\r\nmail sessions, resulting in the disclosure of sensitive information\r\nDescription: A logic issue existed in Postfix in the handling of the\r\nSTARTTLS command. After receiving a STARTTLS command, Postfix may\r\nprocess other plain-text commands. An attacker in a privileged\r\nnetwork position may manipulate the mail session to obtain sensitive\r\ninformation from the encrypted traffic. This update addresses the\r\nissue by clearing the command queue after processing a STARTTLS\r\ncommand. This issue does not affect OS X Lion systems. Further\r\ninformation is available via the Postfix site at\r\nhttp://www.postfix.org/announcements/postfix-2.7.3.html\r\nCVE-ID\r\nCVE-2011-0411\r\n\r\npython\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in python\r\nDescription: Multiple vulnerabilities existed in python, the most\r\nserious of which may lead to arbitrary code execution. This update\r\naddresses the issues by applying patches from the python project.\r\nFurther information is available via the python site at\r\nhttp://www.python.org/download/releases/\r\nCVE-ID\r\nCVE-2010-1634\r\nCVE-2010-2089\r\nCVE-2011-1521\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in\r\nQuickTime&#39;s handling of movie files.\r\nCVE-ID\r\nCVE-2011-3228 : Apple\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSC\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0249 : Matt &#39;j00ru&#39; Jurczyk working with TippingPoint&#39;s Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSS\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0250 : Matt &#39;j00ru&#39; Jurczyk working with TippingPoint&#39;s Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STSZ\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0251 : Matt &#39;j00ru&#39; Jurczyk working with TippingPoint&#39;s Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in the handling of STTS\r\natoms in QuickTime movie files. This issue does not affect OS X Lion\r\nsystems.\r\nCVE-ID\r\nCVE-2011-0252 : Matt &#39;j00ru&#39; Jurczyk working with TippingPoint&#39;s Zero\r\nDay Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may inject\r\nscript in the local domain when viewing template HTML\r\nDescription: A cross-site scripting issue existed in QuickTime\r\nPlayer&#39;s &quot;Save for Web&quot; export. The template HTML files generated by\r\nthis feature referenced a script file from a non-encrypted origin. An\r\nattacker in a privileged network position may be able to inject\r\nmalicious scripts in the local domain if the user views a template\r\nfile locally. This issue is resolved by removing the reference to an\r\nonline script. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3218 : Aaron Sigel of vtty.com\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime&#39;s handling of\r\nH.264 encoded movie files.\r\nCVE-ID\r\nCVE-2011-3219 : Damian Put working with TippingPoint&#39;s Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to the\r\ndisclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in\r\nQuickTime&#39;s handling of URL data handlers within movie files.\r\nCVE-ID\r\nCVE-2011-3220 : Luigi Auriemma working with TippingPoint&#39;s Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An implementation issue existed in QuickTime&#39;s handling\r\nof the atom hierarchy within a movie file.\r\nCVE-ID\r\nCVE-2011-3221 : an anonymous researcher working with TippingPoint&#39;s\r\nZero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted FlashPix file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime&#39;s handling of\r\nFlashPix files.\r\nCVE-ID\r\nCVE-2011-3222 : Damian Put working with TippingPoint&#39;s Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in QuickTime&#39;s handling of\r\nFLIC files.\r\nCVE-ID\r\nCVE-2011-3223 : Matt &#39;j00ru&#39; Jurczyk working with TippingPoint&#39;s Zero\r\nDay Initiative\r\n\r\nSMB File Server\r\nAvailable for: OS X Lion v10.7 and v10.7.1,\r\nOS X Lion Server v10.7 and v10.7.1\r\nImpact: A guest user may browse shared folders\r\nDescription: An access control issue existed in the SMB File Server.\r\nDisallowing guest access to the share point record for a folder\r\nprevented the &#39;_unknown&#39; user from browsing the share point but not\r\nguests &#40;user &#39;nobody&#39;&#41;. This issue is addressed by applying the\r\naccess control to the guest user. This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3225\r\n\r\nTomcat\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Tomcat 6.0.24\r\nDescription: Tomcat is updated to version 6.0.32 to address multiple\r\nvulnerabilities, the most serious of which may lead to a cross site\r\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\r\nThis issue does not affect OS X Lion systems. Further information is\r\navailable via the Tomcat site at http://tomcat.apache.org/\r\nCVE-ID\r\nCVE-2010-1157\r\nCVE-2010-2227\r\nCVE-2010-3718\r\nCVE-2010-4172\r\nCVE-2011-0013\r\nCVE-2011-0534\r\n\r\nUser Documentation\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: An attacker in a privileged network position may manipulate\r\nApp Store help content, leading to arbitrary code execution\r\nDescription: App Store help content was updated over HTTP. This\r\nupdate addresses the issue by updating App Store help content over\r\nHTTPS. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3224 : Aaron Sigel of vtty.com\r\n\r\nWeb Server\r\nAvailable for: Mac OS X Server v10.6.8\r\nImpact: Clients may be unable to access web services that require\r\ndigest authentication\r\nDescription: An issue in the handling of HTTP Digest authentication\r\nwas addressed. Users may be denied access to the server&#39;s resources,\r\nwhen the server configuration should have allowed the access. This\r\nissue does not represent a security risk, and was addressed to\r\nfacilitate the use of stronger authentication mechanisms. Systems\r\nrunning OS X Lion Server are not affected by this issue.\r\n\r\nX11\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\r\nImpact: Multiple vulnerabilities in libpng\r\nDescription: Multiple vulnerabilities existed in libpng, the most\r\nserious of which may lead to arbitrary code execution. These issues\r\nare addressed by updating libpng to version 1.5.4 on OS Lion systems,\r\nand to 1.2.46 on Mac OS X v10.6 systems. Further information is\r\navailable via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-2690\r\nCVE-2011-2691\r\nCVE-2011-2692\r\n\r\nOS X Lion v10.7.2 also includes Safari 5.1.1. For information on\r\nthe security content of Safari 5.1.1, please visit:\r\nhttp://support.apple.com/kb/HT5000\r\n\r\nOS X Lion v10.7.2 and Security Update 2011-006 may be obtained from\r\nthe Software Update pane in System Preferences, or Apple&#39;s Software\r\nDownloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nSecurity Update 2011-006 or OS X v10.7.2.\r\n\r\nFor OS X Lion v10.7.1\r\nThe download file is named: MacOSXUpd10.7.2.dmg\r\nIts SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229\r\n\r\nFor OS X Lion v10.7\r\nThe download file is named: MacOSXUpdCombo10.7.2.dmg\r\nIts SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb\r\n\r\nFor OS X Lion Server v10.7.1\r\nThe download file is named: MacOSXServerUpd10.7.2.dmg\r\nIts SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da\r\n\r\nFor OS X Lion Server v10.7\r\nThe download file is named: MacOSXServerUpdCombo10.7.2.dmg\r\nIts SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2011-006Snow.dmg\r\nIts SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2011-006.dmg\r\nIts SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.16 &#40;Darwin&#41;\r\n\r\niQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3\r\nTFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md\r\n/BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U\r\nZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4\r\nsTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG\r\n69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU=\r\n=gsvn\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2011-10-16T00:00:00", "title": "APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2011-10-16T00:00:00", "id": "SECURITYVULNS:DOC:27155", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27155", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:07", "description": "Multiple vulnerabilities in different system components.", "edition": 2, "cvss3": {}, "published": "2011-10-24T00:00:00", "type": "securityvulns", "title": "Apple OS X multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0187", "CVE-2011-0421", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2011-3221", "CVE-2011-3227", "CVE-2011-0259", "CVE-2011-3216", "CVE-2011-3246", "CVE-2011-1466", "CVE-2011-3435", "CVE-2011-3222", "CVE-2011-0229", "CVE-2011-1521", "CVE-2010-4172", "CVE-2011-0419", "CVE-2011-1092", "CVE-2011-0252", "CVE-2011-3223", "CVE-2011-0185", "CVE-2011-1755", "CVE-2011-3220", "CVE-2011-0224", "CVE-2011-2464", "CVE-2010-4645", "CVE-2011-3214", "CVE-2010-3436", "CVE-2010-1157", "CVE-2011-0013", "CVE-2011-0708", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0231", "CVE-2011-0534", "CVE-2011-3437", "CVE-2011-2691", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-2089", "CVE-2011-3224", "CVE-2011-0226", "CVE-2011-1470", "CVE-2011-3192", "CVE-2011-3219", "CVE-2011-3436", "CVE-2011-3225", "CVE-2011-3215", "CVE-2011-0260", "CVE-2011-2692", "CVE-2010-2227", "CVE-2011-1469", "CVE-2011-3218", "CVE-2010-3614", "CVE-2011-3213", "CVE-2010-3718", "CVE-2011-0250", "CVE-2011-3217", "CVE-2010-3613", "CVE-2010-1634", "CVE-2010-0097", "CVE-2011-0251", "CVE-2011-0707", "CVE-2011-0230", "CVE-2011-3226", "CVE-2011-2690", "CVE-2011-0411", "CVE-2011-3212", "CVE-2009-4022", "CVE-2011-1910"], "modified": "2011-10-24T00:00:00", "id": "SECURITYVULNS:VULN:11973", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11973", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "cvss3": {}, "published": "2010-12-07T20:10:14", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: dnsperf-1.0.1.0-19.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2010-12-07T20:10:14", "id": "FEDORA:10088110CDD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3UOEQYVZJMWIPI7ERGJPLVMUCEWXT6UM/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "cvss3": {}, "published": "2010-12-07T20:10:13", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2010-12-07T20:10:13", "id": "FEDORA:0CF50110BC2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VAYTX6I5I6J6PIHT3ZOJ72BNK7M7BW4O/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2010-12-08T21:39:24", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bind-9.7.2-4.P3.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2010-12-08T21:39:24", "id": "FEDORA:3AA15110C70", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ECOPIWPDZ4FQVZW2ZHF37EIJU7ROYXTZ/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "cvss3": {}, "published": "2010-12-07T20:10:13", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: bind-9.7.2-1.P3.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0213", "CVE-2010-3613", "CVE-2010-3614"], "modified": "2010-12-07T20:10:13", "id": "FEDORA:08D0C110B45", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6Y4SKZGDV77TCEW45KKJ25RY566376KO/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-01-26T13:39:53", "description": "## Releases\n\n * Ubuntu 10.10 \n * Ubuntu 10.04 \n * Ubuntu 9.10 \n * Ubuntu 8.04 \n * Ubuntu 6.06 \n\n## Packages\n\n * bind9 \\- \n\nIt was discovered that Bind would incorrectly allow a ncache entry and a \nrrsig for the same type. A remote attacker could exploit this to cause \nBind to crash, resulting in a denial of service. (CVE-2010-3613)\n\nIt was discovered that Bind would incorrectly mark zone data as insecure \nwhen the zone is undergoing a key algorithm rollover. (CVE-2010-3614)\n", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "ubuntu", "title": "Bind vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614"], "modified": "2010-12-01T00:00:00", "id": "USN-1025-1", "href": "https://ubuntu.com/security/notices/USN-1025-1", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "cisa": [{"lastseen": "2021-02-24T18:07:00", "description": "The Internet Systems Consortium (ISC) has released three advisories to address multiple vulnerabilities affecting BIND. \n \nThe first advisory, [CVE-2010-3613](<https://www.isc.org/software/bind/advisories/cve-2010-3613>), addresses a vulnerability in BIND versions 9.6.2 to 9.6.2-P2, 9.6-ESV to 9.6-ESV-R2, and 9.70 to 9.7.2-P2. This vulnerability exists when cache incorrectly allows an ncache entry and a rrsig for the same type. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note [VU#706148](<http://www.kb.cert.org/vuls/id/706148>). \n \nThe second advisory, [CVE-2010-3614](<https://www.isc.org/software/bind/advisories/cve-2010-3614>), addresses a vulnerability in BIND versions 9.0.x to 9.7.2-P2, 9.4-ESV to 9.4-ESV-R3, and 9.6-ESV to 9.6-ESV-R2. This vulnerability exists when \"named\" incorrectly marks zone data as insecure when the zone being queried is undergoing a key algorithm rollover. Exploitation of this vulnerability may allow answers to be incorrectly marked as insecure. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note [VU#837744](<http://www.kb.cert.org/vuls/id/837744>). \n \nThe third advisory, [CVE-2010-3615](<https://www.isc.org/software/bind/advisories/cve-2010-3615>), addresses a vulnerability in BIND version 9.7.2-P2. This vulnerability is due to the incorrect processing of \"allow-query\". Exploitation of this vulnerability may allow a remote attacker to bypass access restrictions. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note [VU#510208](<http://www.kb.cert.org/vuls/id/510208>). \n \nUS-CERT encourages users and administrators to review the advisories listed above and apply any necessary updates to help mitigate the risks. Because BIND is often packaged in larger third-party applications or operating system distributions, users and administrators should check with their software vendors for updated versions. \n\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2010/12/02/Internet-Systems-Consortium-BIND-Vulnerabilities>); we'd welcome your feedback.\n", "edition": 2, "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "cisa", "title": "Internet Systems Consortium BIND Vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2012-10-23T00:00:00", "id": "CISA:F3AC94C11AFBF638C4776B43B99CA3A4", "href": "https://us-cert.cisa.gov/ncas/current-activity/2010/12/02/Internet-Systems-Consortium-BIND-Vulnerabilities", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T00:31:12", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2130-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nDecember 10, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-3762 CVE-2010-3614 CVE-2010-3613\n\nSeveral remote vulnerabilities have been discovered in BIND, an\nimplementation of the DNS protocol suite. The Common Vulnerabilities\nand Exposures project identifies the following problems:\n\nCVE-2010-3762\n\tWhen DNSSEC validation is enabled, BIND does not properly\n\thandle certain bad signatures if multiple trust anchors exist\n\tfor a single zone, which allows remote attackers to cause a\n\tdenial of service (server crash) via a DNS query.\n\nCVE-2010-3614\n\tBIND does not properly determine the security status of an NS\n\tRRset during a DNSKEY algorithm rollover, which may lead to\n\tzone unavailability during rollovers.\n\nCVE-2010-3613\n\tBIND does not properly handle the combination of signed\n\tnegative responses and corresponding RRSIG records in the\n\tcache, which allows remote attackers to cause a denial of\n\tservice (server crash) via a query for cached data.\n\nIn addition, this security update improves compatibility with\npreviously installed versions of the bind9 package. As a result, it\nis necessary to initiate the update with &quot;apt-get dist-upgrade&quot;\ninstead of &quot;apt-get update&quot;.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R3+dfsg-0+lenny1.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1:9.7.2.dfsg.P3-1.\n\nWe recommend that you upgrade your bind9 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get dist-upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg.orig.tar.gz\n Size/MD5 checksum: 5306404 ec28c0b7064129b070dfd66cab1f35ea\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1.diff.gz\n Size/MD5 checksum: 586005 b2a1e7cb005638fef1407292cf5f8157\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1.dsc\n Size/MD5 checksum: 1797 eb8bb4c623d66a15e237c6bc59e3697a\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.6.ESV.R3+dfsg-0+lenny1_all.deb\n Size/MD5 checksum: 283938 12739f36e1f811bccc66ac3a9d1eb432\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 52280 1eba7b3f656e5927fdc0869ca486c6c9\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 681034 bcdf57464c3663da3aab1e61a9015ae3\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 30728 4bd5408e582314ba7b5a8405ba3159e7\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 293012 52cfe30e7f7f34249757c540b2106ba4\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 155448 c48d973e5a2ff4cc0979af62c7573b34\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 65212 04163c09735b66c26b8d93197cf295b5\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 1742454 6d5b4b19dd0f0ce1cef39a8f43a07f47\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 228138 0e2ba9d48c2c158985aaf26b656b6438\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 176158 468845e2b97d2bfcd23e5286440217eb\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 34204 0ca1831fc0176c6d4ebb32737b2f0ce6\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 50490 fffba427f7705af5f4f33dce34d703e8\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb\n Size/MD5 checksum: 116306 a13d106378383543446f8a955aa9985d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 52326 073cb1ff3b603a1069692f77f75fea72\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 30150 0707d34e4a40061ccf6a0d3837f5c221\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 169760 089046616395bf50da2f5033eecf7296\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 49446 b396558bb4df8767b1ee56752deb6898\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 33544 432e3156c02f3bcf07f51ac87be9e5a3\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 667748 f6f7b722b7989f2e060dcd8722a00b61\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 107954 6eb3314daed0304d124dce9f95c1135f\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 227628 02856a46893d735a6a3400d52fe83c04\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 66362 0b92190505c37bfd259330abf8c3d1f3\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 292368 d83d76d2faea25ddee5edcca18b9138e\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 1418188 f8e333386ca70b984fe2556d2101ffb6\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb\n Size/MD5 checksum: 157834 c53c119e8890c46fb09f839df1572e7f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 44198 f1e4213ea032316454b9fa43614206e8\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 27708 e39324b80c96e0e14a7891ecba8e2b69\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 624826 da03ffe8c372f479c2bb1c5ae5cd45e6\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 158124 9605f3e5bbfa37e8c783de6c0b2d8b23\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 44770 430e9d11f64d5cd0e6599eee7a6f9d72\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 220046 89bea8d6b10b409a8fa2952bb1ae60cc\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 65824 8788ae2f785895f6a304c6268d46ce09\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 155494 ad10c3935b5d23870df5dab37fd9a70b\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 286292 eac1c4c78c50e358a5a5ccfa4501b58d\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 1247688 834d8e5321a77f0c1c7ff9ede000360d\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 103280 e219dc016551ff1dd9dbd54dab8b50f6\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb\n Size/MD5 checksum: 32632 d15083ca072bf2d43c086e36e31472fd\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 65362 37fbea7854a41211f2d526b6052b187e\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 619868 b170d4c018e70c4df578fb64d80bee93\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 1250334 d1fedca2933beb296ecf691ea59f8c12\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 217970 debed5f241f0196b0ee4ccd7dbb74aaf\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 158020 582f352c7060bde8fd8668bbd6fbad0b\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 44170 f639d9c0b6046ebaa42793e53e95462d\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 43750 d70f2f39ca05e8246882d32b19bf2a3b\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 32620 3093ca41ffb4ef2cdfa44c2516576599\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 284744 bb46add5e17b8ff0859e5cc6adf03e37\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 154702 125f35be63500c25ffaede3c1c5b3699\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 104612 cf1024f21c4743a02585f6566cbf2caa\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb\n Size/MD5 checksum: 27716 9d3ef4f8faebc541d76ff33aac3f1160\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 234496 2303bdd3968cb14cbdf90683ca530b03\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 48370 8b0f22a4a675ff3142e48b0d19e651b8\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 159918 a6d85dfa761ce083e3352f09d75d48fd\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 299626 6001e99870888dbb3b0a586101b105df\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 171548 4eeffc6fd1e9d9451df50af0e611caf2\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 1543550 588c9fc93ee20f71889e26ec5e15bb3f\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 35744 2d0f9ab4bb7009ef9325cee43c1eac97\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 113726 1db9ab94a6b13485b6e3a42d73d454d8\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 52274 f94a343e7fe4870cb9ab7b95602c8bad\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 29808 06ca443dc203f49efc891f783e9e2545\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 687182 92370b8ef85bdac41e8cb351800d8b89\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb\n Size/MD5 checksum: 66966 737c4f6a6b08e371d55dd950c8d7a700\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 612924 fd418a32be35fc2c238ea5a81417b204\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 155166 4b518a5a2e73a7c384e1928553b8ce4f\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 213972 f0f1eb5ee422462c266ea50cb9e26ebb\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 62936 2e15e1c32557ee0b096744e3e4cbe2a8\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 147524 a937b8b18c7b0f0918ef7969ef4a72b1\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 101536 e69fb60a85ac436f0274eee80367a506\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 33938 18af2cc2f508848b2fbf246c27d52f8f\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 1352362 24a0632d51bea9c3eb572ef51022958e\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 277776 7a5c9bb8d335e74da600544bdefc3c30\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 46690 c07c61fafff823f7dcb270cbe862cc77\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 28272 ddbaa6803eea749b907f42be0288b60a\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb\n Size/MD5 checksum: 45940 e83314e0ce547b785697226cbc6bc272\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 204072 843beb3bcfd6e1b0b37721610d4f59b1\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 34706 71d3964a70d82bfd1b5f8f9ddff1ac74\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 59072 018d37e21b9292c9e0dd66c385bad044\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 61312 ff8b147c4d1da8beb8359f3f3b2fa350\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 1999506 f7a49758a7d24b2577159a3f5874de3a\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 239586 32bae2300f420569003630f058709ae8\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 139318 190cf42c18f176a956992b4eed60347a\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 38786 a8a996cdb3d2a366df36d9aadd75f72f\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 377628 ee8a863a598d8633abeb83f547aa6b0e\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 303948 d3db12171f3b3e9d87343e68aa984a07\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 954280 1da14efd17eb8ddf96ccb2f25abf3435\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb\n Size/MD5 checksum: 83882 860536e3dc3d9e6f33959d4ccbc4e4f8\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 45558 b0360206a88697d4596b0077fda724de\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 27994 7ec01643c9fed926e96349133f7659a4\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 1508340 72735666f05647fac278493c7bad38e9\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 145338 bce072c6b81cce11697deb399c5e7bb4\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 151928 c6af25423c640ac1b6d8a0d680af062f\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 61800 82c7abbe08ff3f32e41355c23325f772\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 586310 042927e282104373f265ba1cd0985f76\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 31726 27cfbaf7b5b4406366270dfcfadc4279\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 274638 fb3238e76993de11d0faf8f716404e55\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 210996 50acc3fe4e494181f0c58ce7eae1efc5\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 103926 f5ce4df9d9f1c71e8354923c08758b56\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb\n Size/MD5 checksum: 43476 3f6a86f3dd02126e18ef4fe27d224fe2\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 273324 8ce05a3452b76c75b03217c5af4b8721\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 1492094 093f6b88517e9e758fe4da86ea9c107a\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 102012 0670af7be90efc8b08f1970569be3d79\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 31672 b4215cf9bd119d2496facdce97817097\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 145390 20c3216ebb23027030b7c90aab0798b3\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 61914 567391fcb7d522af653ebb03e8c5810e\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 584960 f8a07fbfb6d0bd44b5eaa478d563fea4\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 28080 92fbd9fa3c9c7851a84a0dfe53ffac10\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 44506 d5a0bd0670c1b36a08fde07bab4f736d\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 210594 0dd8ee24ff97493e961bc402e612a201\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 153258 8dafb5f933854bf1c842be19a32c0ad0\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb\n Size/MD5 checksum: 43516 8350f1bed24d766618e4e49d69067cd2\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 120838 d727c8007326747678a3f8a977d14fd1\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 51032 bcc68c04d96f9e68e2a1d4959b702b43\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 1319760 d6bda0d73ae61e93ff2a41891803851c\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 161394 dae28b3ec2b914f8d3fcbb7562c35a28\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 301450 28e98e3aa7c88adfbf137241170f155a\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 31668 f7fc0d4a8938ff6ce71c4049b2f6eefa\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 230046 19708eed22c3500527cd4e579c882374\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 50538 976fed891cd50bd78ee7ce1ee6de3daa\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 168348 96e1db033da8157568c1b47594bbfaac\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 36020 722e15266bcd21acc45451e53eb0920a\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 67174 da2a55f107dffe14b9cdd7971d84b8e1\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb\n Size/MD5 checksum: 648142 a2467d0bae4b305a6a7930abad0f5663\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 237380 d486beabef54298067f7c6ad2eac6996\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 51988 e7adb37d3841c6260e9fe72423fbafe9\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 302740 7633c6b129192b066fd9705f55ffa918\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 167224 c5b7b9f3b1a1d73f010b79b33777205c\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 1415310 b9a0ff9a30882ec71cacb1c433f71fc9\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 34074 121fb9f13bd7b764baaee449c636f841\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 112166 b010965b054f746bdbe9b24bb557743f\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 30026 5377ebe88a7ef95ac0243127e34e5c22\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 657976 803badc9f89dcc32bc93c4a372f57b37\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 173256 94265f77f99360c6c94b7804a0bb9102\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 71234 2232f643ee63b05284abcf8f72bda975\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb\n Size/MD5 checksum: 47826 88984ad23f73e75e8af3fbc98f84d601\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 27482 b0fa6f312988cb6a2e8bacacb85a82c5\n http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 1431096 31da379ed31ab41fada9ee01338d8eea\n http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 45504 e0a01ea46ee0da21186f29fb8cba9343\n http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 109166 d211ed5e5a7f1bef772689931a1d817a\n http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 43966 6161ef8c3f61e701c1547f7628417475\n http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 32830 dd61cb79b2b562a84c78605404c1b7f2\n http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 221622 ea86051f96b963066aedb98e76f32706\n http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 604296 cfa354fb9a60513f8828ef002b727705\n http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 65796 1dcedcb62ab6ccd6c25bda8e6fd68d6e\n http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 155078 4a3d11ba92ed8de8a74145a3c1ff0aae\n http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 286248 b6cbb4865b0c224db1f0195294b63170\n http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb\n Size/MD5 checksum: 154372 fa7c227f5c5420cd857d83122184f871\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;", "cvss3": {}, "published": "2010-12-10T20:27:48", "type": "debian", "title": "[SECURITY] [DSA-2130-1] New BIND packages fix denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2010-12-10T20:27:48", "id": "DEBIAN:DSA-2130-1:300E3", "href": "https://lists.debian.org/debian-security-announce/2010/msg00182.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "slackware": [{"lastseen": "2021-07-28T14:46:30", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that\ncould allow attackers to successfully query private DNS records, or cause a\ndenial of service.\n\n\nHere are the details from the Slackware 13.1 ChangeLog:\n\npatches/packages/bind-9.4_ESV_R4-i486-1_slack13.1.txz: Upgraded.\n This update fixes some security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R4-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R4-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R4-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R4-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R4-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R4-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R4-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.2_P3-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.2_P3-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\nc6558b863b2c06bd860788d2e063d6b1 bind-9.4_ESV_R4-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\nb8017dc56859c7ea12878fd55a139914 bind-9.4_ESV_R4-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\n1c2a32a60d4f2930040d9eb2ff01298c bind-9.4_ESV_R4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n07227e76140a50a530b264ceb2209f80 bind-9.4_ESV_R4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n842d8a7d2fcba797ba4a0c4b304ebec0 bind-9.4_ESV_R4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n07373bf15e27335132bc8c17690134df bind-9.4_ESV_R4-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\naca01fb99555ccffaa08294f4be13772 bind-9.4_ESV_R4-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n621703e39b34d091e65084a9c80ac015 bind-9.4_ESV_R4-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n57664e1beb3b046949fadf4fa48dec8d bind-9.4_ESV_R4-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n74e1feb7ae425e4f8072cf125f25172f bind-9.4_ESV_R4-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\neaa9031813f824f93d532a0134b8d6f1 bind-9.4_ESV_R4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n7dce1ab33c6cff13b7be0e95cd72da7a bind-9.4_ESV_R4-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nc200ff5446cbdbf0ccabdd3b0b085ae4 bind-9.4_ESV_R4-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n3c49a4f64373cf3c47a4c3ef4e2ac159 bind-9.4_ESV_R4-x86_64-1_slack13.1.txz\n\nSlackware -current package:\nc62f701d512980604924dd8b1c022283 bind-9.7.2_P3-i486-1.txz\n\nSlackware x86_64 -current package:\nbc32cc42a4dffd1eed0c0a60a52eb147 bind-9.7.2_P3-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.4_ESV_R4-i486-1_slack13.1.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "cvss3": {}, "published": "2010-12-16T21:45:59", "type": "slackware", "title": "[slackware-security] bind", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615"], "modified": "2010-12-16T21:45:59", "id": "SSA-2010-350-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:08:43", "description": "\nSeveral remote vulnerabilities have been discovered in BIND, an\nimplementation of the DNS protocol suite. The Common Vulnerabilities\nand Exposures project identifies the following problems:\n\n\n* [CVE-2010-3762](https://security-tracker.debian.org/tracker/CVE-2010-3762)\nWhen DNSSEC validation is enabled, BIND does not properly\n handle certain bad signatures if multiple trust anchors exist\n for a single zone, which allows remote attackers to cause a\n denial of service (server crash) via a DNS query.\n* [CVE-2010-3614](https://security-tracker.debian.org/tracker/CVE-2010-3614)\nBIND does not properly determine the security status of an NS\n RRset during a DNSKEY algorithm rollover, which may lead to\n zone unavailability during rollovers.\n* [CVE-2010-3613](https://security-tracker.debian.org/tracker/CVE-2010-3613)\nBIND does not properly handle the combination of signed\n negative responses and corresponding RRSIG records in the\n cache, which allows remote attackers to cause a denial of\n service (server crash) via a query for cached data.\n\n\nIn addition, this security update improves compatibility with\npreviously installed versions of the bind9 package. As a result, it\nis necessary to initiate the update with \"apt-get dist-upgrade\"\ninstead of \"apt-get update\".\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1:9.6.ESV.R3+dfsg-0+lenny1.\n\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1:9.7.2.dfsg.P3-1.\n\n\nWe recommend that you upgrade your bind9 packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2010-12-10T00:00:00", "type": "osv", "title": "bind9 - denial of service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762"], "modified": "2022-08-10T07:08:39", "id": "OSV:DSA-2130-1", "href": "https://osv.dev/vulnerability/DSA-2130-1", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "centos": [{"lastseen": "2023-01-01T04:47:54", "description": "**CentOS Errata and Security Advisory** CESA-2010:0976\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG\nrecords when adding an NCACHE record for the same entry to the cache. A\nremote attacker allowed to send recursive DNS queries to named could use\nthis flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had\nmultiple trust anchors configured for a zone, a response to a request for a\nrecord in that zone with a bad signature could cause named to crash.\n(CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly perform\nDNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\nalgorithm rollover. This flaw could cause the validator to incorrectly\ndetermine that the zone is insecure and not protected by DNSSEC.\n(CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2010-December/066684.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-December/066685.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2010:0976", "cvss3": {}, "published": "2010-12-14T01:18:10", "type": "centos", "title": "bind, caching security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2010-12-14T01:18:10", "id": "CESA-2010:0976", "href": "https://lists.centos.org/pipermail/centos-announce/2010-December/066684.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-01T04:47:52", "description": "**CentOS Errata and Security Advisory** CESA-2010:1000\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG\nrecords when adding an NCACHE record for the same entry to the cache. A\nremote attacker allowed to send recursive DNS queries to named could use\nthis flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2011-January/066714.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-January/066715.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-utils\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2010:1000", "cvss3": {}, "published": "2011-01-27T09:19:06", "type": "centos", "title": "bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2011-01-27T09:20:04", "id": "CESA-2010:1000", "href": "https://lists.centos.org/pipermail/centos-announce/2011-January/066714.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:44:55", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached RRSIG\nrecords when adding an NCACHE record for the same entry to the cache. A\nremote attacker allowed to send recursive DNS queries to named could use\nthis flaw to crash named. (CVE-2010-3613)\n\nA flaw was found in the DNSSEC validation code in named. If named had\nmultiple trust anchors configured for a zone, a response to a request for a\nrecord in that zone with a bad signature could cause named to crash.\n(CVE-2010-3762)\n\nIt was discovered that, in certain cases, named did not properly perform\nDNSSEC validation of an NS RRset for zones in the middle of a DNSKEY\nalgorithm rollover. This flaw could cause the validator to incorrectly\ndetermine that the zone is insecure and not protected by DNSSEC.\n(CVE-2010-3614)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "cvss3": {}, "published": "2010-12-13T00:00:00", "type": "redhat", "title": "(RHSA-2010:0976) Important: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762"], "modified": "2017-09-08T08:18:14", "id": "RHSA-2010:0976", "href": "https://access.redhat.com/errata/RHSA-2010:0976", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-10-21T04:44:36", "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nIt was discovered that named did not invalidate previously cached SIG\nrecords when adding an NCACHE record for the same entry to the cache. A\nremote attacker allowed to send recursive DNS queries to named could use\nthis flaw to crash named. (CVE-2010-3613)\n\nAll BIND users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "cvss3": {}, "published": "2010-12-20T00:00:00", "type": "redhat", "title": "(RHSA-2010:1000) Important: bind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2017-09-08T08:18:01", "id": "RHSA-2010:1000", "href": "https://access.redhat.com/errata/RHSA-2010:1000", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-07-27T10:17:25", "description": "bind is vulnerable to authorization bypass. The vulnerability exists as it was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC.\n", "cvss3": {}, "published": "2020-04-10T00:51:03", "type": "veracode", "title": "Authorization Bypass", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2022-04-19T18:32:03", "id": "VERACODE:24280", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24280/summary", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-07-27T10:52:39", "description": "bind is vulnerable to denial of service. It was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named.\n", "cvss3": {}, "published": "2020-04-10T00:51:03", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2022-04-19T18:25:19", "id": "VERACODE:24279", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24279/summary", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2017-10-12T02:11:13", "description": "**Note**: For information about signing up to receive security notice updates from F5, refer to [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>).\n\n**Note**: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about F5's security policy regarding evaluating older and unsupported versions of F5 products, refer to [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n**F5 products and versions that have been evaluated for this Security Advisory**\n\nProduct | Affected | Not Affected \n---|---|--- \nBIG-IP LTM | None | *9.0.0 - 9.4.8 \n*10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \n \nBIG-IP GTM | None | *9.2.2 - 9.4.8 \n*10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \nBIG-IP ASM | None | *9.2.0 - 9.4.8 \n*10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \nBIG-IP Link Controller | None | *9.2.2 - 9.4.8 \n*10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \nBIG-IP WebAccelerator | None | *9.4.0 - 9.4.8 \n*10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \n \nBIG-IP PSM | None | *9.4.5 - 9.4.8 \n*10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \n \nBIG-IP WOM | None | *10.0.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \n \nBIG-IP APM | None | *10.1.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \n \nBIG-IP Edge Gateway | None | *10.1.0 - 10.2.1 \n10.2.1 HF1 \n10.2.2 - 10.2.4 \n11.x \n \nBIG-IP Analytics | None | 11.x \nBIG-IP AFM | None \n| 11.x \n \nBIG-IP PEM \n| None \n| 11.x \n \nBIG-IP AAM | None | 11.x \nFirePass | None | 5.x \n6.x \n7.x \nEnterprise Manager | None | *1.0.0 - 2.3.0 \n3.x \nARX | None | 2.x \n3.x \n4.x \n5.x \n6.x \n \n* F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems.\n\nThis security advisory describes a **BIND** vulnerability.\n\nFor information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614>\n\nF5 Product Development tracked an update to a version of BIND which mitigates this vulnerability, as ID 345944 and it was fixed in BIG-IP 10.2.2. BIND was updated to a non-vulnerable version in BIG-IP 10.2.1 HF1. You may download the 10.2.1 HF1 hotfix or later versions of the hotfix from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nIn addition, [BIG-IP iHealth](<http://www.f5.com/services/customer-support/ihealth/>) may list Heuristic H383256 on the Diagnostics &gt; Identified &gt; Medium screen.\n\nFor a list of the latest available hotfixes, refer to [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>).\n\nFor information about the F5 hotfix policy, refer to [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>).\n\nFor information about how to manage F5 product hotfixes, refer to [K6845: Managing F5 product hotfixes](<https://support.f5.com/csp/article/K6845>).\n\nFor information about installing version 10.x hotfixes, refer to in [K10025: Managing F5 product hotfixes for BIG-IP 10.x systems](<https://support.f5.com/csp/article/K10025>).\n", "cvss3": {}, "published": "2011-01-28T02:14:00", "type": "f5", "title": "BIND vulnerability CVE-2010-3614", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2016-01-09T02:22:00", "id": "F5:K12567", "href": "https://support.f5.com/csp/article/K12567", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:08", "description": "* F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems.\n\nThis security advisory describes a **BIND** vulnerability.\n\nFor information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614>\n\nF5 Product Development tracked an update to a version of BIND which mitigates this vulnerability, as ID 345944 and it was fixed in BIG-IP 10.2.2. BIND was updated to a non-vulnerable version in BIG-IP 10.2.1 HF1. You may download the 10.2.1 HF1 hotfix or later versions of the hotfix from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nIn addition, [BIG-IP iHealth](<http://www.f5.com/services/customer-support/ihealth/>) may list Heuristic H383256 on the Diagnostics &gt; Identified &gt; Medium screen.\n\nFor a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.\n\nFor information about the F5 hotfix policy, refer to SOL4918: Overview of the F5 critical issue hotfix policy.\n\nFor information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.\n\nFor information about installing version 10.x hotfixes, refer to in SOL10025: Managing F5 product hotfixes for BIG-IP 10.x systems.\n", "cvss3": {}, "published": "2011-01-27T00:00:00", "type": "f5", "title": "SOL12567 - BIND vulnerability CVE-2010-3614", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2013-07-03T00:00:00", "id": "SOL12567", "href": "http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12567.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-05-30T21:02:09", "description": "This security advisory describes a **BIND** vulnerability.\n\nFor information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n**Note**: The following link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613>\n", "cvss3": {}, "published": "2011-05-13T00:00:00", "type": "f5", "title": "SOL12851 - BIND vulnerability CVE-2010-3613", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2013-09-11T00:00:00", "id": "SOL12851", "href": "http://support.f5.com/kb/en-us/solutions/public/12000/800/sol12851.html", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-12T02:11:22", "description": "**Note**: For information about signing up to receive security notice updates from F5, refer to [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>).\n\n**Note**: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n**F5 products and versions that have been evaluated for this Security Advisory**\n\nProduct | Affected | Not Affected \n---|---|--- \nBIG-IP LTM | None | 9.x \n10.x \n11.x \nBIG-IP GTM | None | 9.x \n10.x \n11.x \nBIG-IP ASM | None | 9.x \n10.x \n11.x \nBIG-IP Link Controller | None | 9.x \n10.x \n11.x \nBIG-IP WebAccelerator | None | 9.x \n10.x \n11.x \nBIG-IP PSM | None | 9.x \n10.x \n11.x \nBIG-IP WOM | None | 10.x \n11.x \nBIG-IP APM | None | 10.x \n11.x \nBIG-IP Edge Gateway | None | 10.x \n11.x \nBIG-IP Analytics | None | 11.x \nBIG-IP AFM | None | 11.x \nBIG-IP PEM \n| None | 11.x \nBIG-IP AAM | None | 11.x \nFirePass | None | 5.x \n6.x \n7.x \nEnterprise Manager | None | 1.x \n2.x \n3.x \nARX | None | 4.x \n5.x \n6.x \n \nThis security advisory describes a **BIND** vulnerability.\n\nFor information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n**Note**: The following link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613>\n", "cvss3": {}, "published": "2011-05-14T03:04:00", "type": "f5", "title": "BIND vulnerability CVE-2010-3613", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2016-01-09T02:25:00", "id": "F5:K12851", "href": "https://support.f5.com/csp/article/K12851", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "cve": [{"lastseen": "2022-03-23T12:33:26", "description": "named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.", "cvss3": {}, "published": "2010-12-06T13:44:00", "type": "cve", "title": "CVE-2010-3614", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2018-10-10T20:04:00", "cpe": ["cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.2", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.2.1", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.4.0"], "id": "CVE-2010-3614", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3614", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.6:r6:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r9_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:33:26", "description": "named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.", "cvss3": {}, "published": "2010-12-06T13:44:00", "type": "cve", "title": "CVE-2010-3613", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2018-10-10T20:04:00", "cpe": ["cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.7.0"], "id": "CVE-2010-3613", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3613", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2022-08-04T14:35:16", "description": "named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV\nbefore 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly\ndetermine the security status of an NS RRset during a DNSKEY algorithm\nrollover, which might allow remote attackers to cause a denial of service\n(DNSSEC validation error) by triggering a rollover.", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "ubuntucve", "title": "CVE-2010-3614", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2010-12-01T00:00:00", "id": "UB:CVE-2010-3614", "href": "https://ubuntu.com/security/CVE-2010-3614", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-08-04T14:35:17", "description": "named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and\n9.7.x before 9.7.2-P3 does not properly handle the combination of signed\nnegative responses and corresponding RRSIG records in the cache, which\nallows remote attackers to cause a denial of service (daemon crash) via a\nquery for cached data.", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "ubuntucve", "title": "CVE-2010-3613", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2010-12-01T00:00:00", "id": "UB:CVE-2010-3613", "href": "https://ubuntu.com/security/CVE-2010-3613", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2021-09-28T17:51:01", "description": "### Overview\n\nISC BIND named contains a vulnerability where under certain situations it could incorrectly mark zone data as insecure.\n\n### Description\n\nAccording to [ISC](<https://www.isc.org/software/bind/advisories/cve-2010-3614>):\n\n_named, acting as a DNSSEC validator, was determining if an NS RRset is insecure based on a value that could mean either that the RRset is actually insecure or that there wasn't a matching key for the RRSIG in the DNSKEY RRset when resuming from validating the DNSKEY RRset. \nThis can happen when in the middle of a DNSKEY algorithm rollover, when two different algorithms were used to sign a zone but only the new set of keys are in the zone DNSKEY RRset._ \n \n--- \n \n### Impact\n\nAnswers are marked incorrectly as insecure. \n \n--- \n \n### Solution\n\n**Apply an update \n \n**Users who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors.** \n** \nThis vulnerability is addressed in ISC BIND versions 9.4-ESV-R4, 9.6.2-P3 or 9.6-ESV-R3, and 9.7.2-P3. Users of BIND from the original source distribution should upgrade to one of these versions, as appropriate. \n \nSee also <https://www.isc.org/software/bind/advisories/cve-2010-3614> \n \n--- \n \n### Vendor Information\n\n837744\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Internet Systems Consortium Affected\n\nUpdated: December 01, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.isc.org/software/bind/advisories/cve-2010-3614>\n * <http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories>\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n * <https://www.isc.org/software/bind/advisories/cve-2010-3614>\n * <http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories>\n\n### Acknowledgements\n\nThanks to Internet Systems Consortium for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2010-3614](<http://web.nvd.nist.gov/vuln/detail/CVE-2010-3614>) \n---|--- \n**Severity Metric:** | 7.65 \n**Date Public:** | 2010-12-01 \n**Date First Published:** | 2010-12-01 \n**Date Last Updated: ** | 2010-12-01 21:33 UTC \n**Document Revision: ** | 17 \n", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "cert", "title": "ISC BIND named validator vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2010-12-01T21:33:00", "id": "VU:837744", "href": "https://www.kb.cert.org/vuls/id/837744", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-09-28T17:51:01", "description": "### Overview\n\nThe ISC BIND nameserver contains a vulnerability that could allow a remote attacker to cause a denial of service.\n\n### Description\n\nAccording to [ISC](<https://www.isc.org/software/bind/advisories/cve-2010-3613>):\n\n_Adding certain types of signed negative responses to cache doesn't clear any matching RRSIG records already in cache. A subsequent lookup of the cached data can cause named to crash (INSIST)._ \n \n--- \n \n### Impact\n\nA remote attacker could cause the name server on an affected system to crash. ISC notes that this vulnerability affects recursive nameservers irrespective of whether DNSSEC validation is enabled or disabled. \n \n--- \n \n### Solution\n\n**Apply an update \n \n**Users who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors.** \n** \nThis vulnerability is addressed in ISC BIND versions 9.4-ESV-R4, 9.6.2-P3, 9.6-ESV-R3, and 9.7.2-P3. Users of BIND from the original source distribution should upgrade to one of these versions, as appropriate. \n \nSee also <https://www.isc.org/software/bind/advisories/cve-2010-3613> \n \n--- \n \n### Vendor Information\n\n706148\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Internet Systems Consortium Affected\n\nUpdated: December 01, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.isc.org/software/bind/advisories/cve-2010-3613>\n * <http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories>\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n * <https://www.isc.org/software/bind/advisories/cve-2010-3613>\n * <http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories>\n\n### Acknowledgements\n\nThanks to Internet Systems Consortium for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2010-3613](<http://web.nvd.nist.gov/vuln/detail/CVE-2010-3613>) \n---|--- \n**Severity Metric:** | 7.65 \n**Date Public:** | 2010-12-01 \n**Date First Published:** | 2010-12-01 \n**Date Last Updated: ** | 2010-12-16 14:02 UTC \n**Document Revision: ** | 23 \n", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "cert", "title": "ISC BIND cache vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2010-12-16T14:02:00", "id": "VU:706148", "href": "https://www.kb.cert.org/vuls/id/706148", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-09-28T17:51:01", "description": "### Overview\n\nISC BIND contains a vulnerability in the processing of the _allow-query_ access control specifier.\n\n### Description\n\nAccording to [ISC](<https://www.isc.org/software/bind/advisories/cve-2010-3615>):\n\n_When named is running as an authoritative server for a zone and receives a query for that zone data, it first checks for allow-query acls in the zone statement, then in that view, then in global options. If none of these exist, it defaults to allowing any query (allow-query {\"any\"};). \nWith this bug, if the allow-query is not set in the zone statement, it failed to check in view or global options and fell back to the default of allowing any query. This means that queries that the zone owner did not wish to allow were incorrectly allowed. _ \n_This bug doesn't affect allow-recursion or allow-query-cache acls, since they are not relevant to a zone for which the server is authoritative._ \n \n--- \n \n### Impact\n\nThe configured acl is not correctly applied, allowing queries that the owner did not wish to allow. \n \n--- \n \n### Solution\n\n**Apply an update \n \n**Users who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors.** \n** \nThis vulnerability is addressed in ISC BIND version 9.7.2-P3. Users of BIND from the original source distribution should upgrade to this version. \n \nSee also <https://www.isc.org/software/bind/advisories/cve-2010-3615>[](<https://www.isc.org/software/bind/advisories/cve-2010-3613>) \n \n--- \n \n### Vendor Information\n\n510208\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Internet Systems Consortium Affected\n\nUpdated: December 01, 2010 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.isc.org/software/bind/advisories/cve-2010-3615>\n * <http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories>\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n * <https://www.isc.org/software/bind/advisories/cve-2010-3615>\n * <http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories>\n\n### Acknowledgements\n\nThanks to Internet Systems Consortium for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2010-3615](<http://web.nvd.nist.gov/vuln/detail/CVE-2010-3615>) \n---|--- \n**Severity Metric:** | 7.65 \n**Date Public:** | 2010-12-01 \n**Date First Published:** | 2010-12-01 \n**Date Last Updated: ** | 2010-12-01 21:33 UTC \n**Document Revision: ** | 19 \n", "cvss3": {}, "published": "2010-12-01T00:00:00", "type": "cert", "title": "ISC BIND named allow-query vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3615"], "modified": "2010-12-01T21:33:00", "id": "VU:510208", "href": "https://www.kb.cert.org/vuls/id/510208", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-01-27T06:05:21", "description": "named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.", "cvss3": {}, "published": "2010-12-06T13:44:00", "type": "debiancve", "title": "CVE-2010-3614", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3614"], "modified": "2010-12-06T13:44:00", "id": "DEBIANCVE:CVE-2010-3614", "href": "https://security-tracker.debian.org/tracker/CVE-2010-3614", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-27T06:05:21", "description": "named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.", "cvss3": {}, "published": "2010-12-06T13:44:00", "type": "debiancve", "title": "CVE-2010-3613", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613"], "modified": "2010-12-06T13:44:00", "id": "DEBIANCVE:CVE-2010-3613", "href": "https://security-tracker.debian.org/tracker/CVE-2010-3613", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "vmware": [{"lastseen": "2021-06-08T18:38:42", "description": "a. Service Location Protocol daemon DoS \nThis patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources. \nVMware would like to thank Nicolas Gregoire and US CERT for reporting this issue to us. \nThe Common Vulnerabilities and Exposures project ([cve.mitre.org](<http://www.cve.mitre.org/>)) has assigned the names CVE-2010-3609 to this issue. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "vmware", "title": "VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3609", "CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762", "CVE-2010-3435", "CVE-2010-3853"], "modified": "2012-01-30T00:00:00", "id": "VMSA-2011-0004", "href": "https://www.vmware.com/security/advisories/VMSA-2011-0004.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-19T20:02:50", "description": "a. Service Location Protocol daemon DoSThis patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.VMware would like to thank Nicolas Gregoire and US CERT for reporting this issue to us.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3609 to this issue.Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "vmware", "title": "VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3609", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762", "CVE-2010-3853"], "modified": "2012-01-30T00:00:00", "id": "VMSA-2011-0004.3", "href": "https://www.vmware.com/security/advisories/VMSA-2011-0004.3.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:12:54", "description": "### Background\n\nBIND is the Berkeley Internet Name Domain Server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nThe vulnerabilities allow remote attackers to cause a Denial of Service (daemon crash) via a DNS query, to bypass intended access restrictions, to incorrectly cache a ncache entry and a rrsig for the same type and to incorrectly mark zone data as insecure. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll bind users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/bind-9.7.4_p1\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since December 22, 2011. It is likely that your system is already no longer affected by this issue.", "cvss3": {}, "published": "2012-06-02T00:00:00", "type": "gentoo", "title": "BIND: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3615", "CVE-2010-3762", "CVE-2011-0414", "CVE-2011-1910", "CVE-2011-2464", "CVE-2011-2465", "CVE-2011-4313"], "modified": "2012-06-02T00:00:00", "id": "GLSA-201206-01", "href": "https://security.gentoo.org/glsa/201206-01", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}]}