{"id": "SECURITYVULNS:VULN:12640", "bulletinFamily": "software", "title": "bind DoS", "description": "A problem in RBT algorythm implementation causes hang on specific combination of records.", "published": "2012-10-12T00:00:00", "modified": "2012-10-12T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12640", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:28626"], "cvelist": ["CVE-2012-5166"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:49", "edition": 1, "viewCount": 5, "enchantments": {"score": {"value": 7.4, "vector": "NONE", "modified": "2018-08-31T11:09:49", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-5166"]}, {"type": "f5", "idList": ["F5:K14201", "SOL14201"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1364", "ELSA-2012-1365", "ELSA-2012-1363"]}, {"type": "fedora", "idList": ["FEDORA:0D28C20AB3", "FEDORA:C551820CBE", "FEDORA:AC5CF2095A", "FEDORA:EF8FE20AA3", "FEDORA:0411120AA7", "FEDORA:A2BDF20959", "FEDORA:CE50A20CE1", "FEDORA:D6E1720A89"]}, {"type": "ubuntu", "idList": ["USN-1601-1"]}, {"type": "suse", "idList": ["SUSE-SU-2012:1390-2", "SUSE-SU-2012:1390-3", "SUSE-SU-2012:1390-1", "OPENSUSE-SU-2012:1372-1"]}, {"type": "aix", "idList": ["BIND9_ADVISORY5.ASC"]}, {"type": "centos", "idList": ["CESA-2012:1364", "CESA-2012:1363"]}, {"type": "amazon", "idList": ["ALAS-2012-138"]}, {"type": "redhat", "idList": ["RHSA-2012:1365", "RHSA-2012:1363", "RHSA-2012:1364"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28626"]}, {"type": "freebsd", "idList": ["57A700F9-12C0-11E2-9F86-001D923933B6", "4B79538B-A450-11E2-9898-001060E06FD4"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2560.NASL", "REDHAT-RHSA-2012-1363.NASL", "ORACLELINUX_ELSA-2012-1363.NASL", "AIX_U857842.NASL", "FEDORA_2012-15965.NASL", "FEDORA_2012-15981.NASL", "FREEBSD_PKG_57A700F912C011E29F86001D923933B6.NASL", "AIX_IV30365.NASL", "FEDORA_2012-16022.NASL", "AIX_U854646.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881522", "OPENVAS:1361412562310850350", "OPENVAS:1361412562310807203", "OPENVAS:1361412562310864807", "OPENVAS:831745", "OPENVAS:1361412562310123800", "OPENVAS:136141256231072478", "OPENVAS:136141256231072531", "OPENVAS:1361412562310870849", "OPENVAS:870847"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2560-1:82F31"]}], "modified": "2018-08-31T11:09:49", "rev": 2}, "vulnersScore": 7.4}, "affectedSoftware": []}

{"cve": [{"lastseen": "2020-10-03T12:06:10", "description": "ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.", "edition": 3, "cvss3": {}, "published": "2012-10-10T21:55:00", "title": "CVE-2012-5166", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5166"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:isc:bind:9.3.1", "cpe:/a:isc:bind:9.0.0", "cpe:/a:isc:bind:9.3.0", "cpe:/a:isc:bind:9.6.3", "cpe:/a:isc:bind:9.7.1", "cpe:/a:isc:bind:9.2.7", "cpe:/a:isc:bind:9.8.3", "cpe:/a:isc:bind:9.2.6", "cpe:/a:isc:bind:9.7.3", "cpe:/a:isc:bind:9.0", "cpe:/a:isc:bind:9.7.4", "cpe:/a:isc:bind:9.1.1", "cpe:/a:isc:bind:9.8.1", "cpe:/a:isc:bind:9.7.6", "cpe:/a:isc:bind:9.5.1", "cpe:/a:isc:bind:9.7.2", "cpe:/a:isc:bind:9.9.1", "cpe:/a:isc:bind:9.4.1", "cpe:/a:isc:bind:9.3.2", "cpe:/a:isc:bind:9.3.4", "cpe:/a:isc:bind:9.6.0", "cpe:/a:isc:bind:9.8.0", "cpe:/a:isc:bind:9.3.6", "cpe:/a:isc:bind:9.4.2", "cpe:/a:isc:bind:9.1.3", "cpe:/a:isc:bind:9.1", "cpe:/a:isc:bind:9.2.9", "cpe:/a:isc:bind:9.1.2", "cpe:/a:isc:bind:9.2.5", "cpe:/a:isc:bind:9.9.0", "cpe:/a:isc:bind:9.3", "cpe:/a:isc:bind:9.6.1", "cpe:/a:isc:bind:9.2.0", "cpe:/a:isc:bind:9.4.0", "cpe:/a:isc:bind:9.8.2", "cpe:/a:isc:bind:9.5.3", "cpe:/a:isc:bind:9.2.8", "cpe:/a:isc:bind:9.7.0", "cpe:/a:isc:bind:9.1.0", "cpe:/a:isc:bind:9.6", "cpe:/a:isc:bind:9.3.3", "cpe:/a:isc:bind:9.5.0", "cpe:/a:isc:bind:9.4", "cpe:/a:isc:bind:9.2.3", "cpe:/a:isc:bind:9.4.3", "cpe:/a:isc:bind:9.7.5", "cpe:/a:isc:bind:9.0.1", "cpe:/a:isc:bind:9.3.5", "cpe:/a:isc:bind:9.5", "cpe:/a:isc:bind:9.2.4", "cpe:/a:isc:bind:9.6.2", "cpe:/a:isc:bind:9.2.2", "cpe:/a:isc:bind:9.5.2", "cpe:/a:isc:bind:9.2.1"], "id": "CVE-2012-5166", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5166", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r6:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r7:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.3:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:p3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:26", "bulletinFamily": "software", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "edition": 1, "description": "\nF5 Product Development has assigned ID 400789 (BIG-IP and Enterprise Manager) to this vulnerability. To find out whether F5 has determined that your release is vulnerable, and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table: \n\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \n \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP Analytics | 11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 | 11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP APM | 10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP ASM | 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 | 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP Edge Gateway \n| 10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 | 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP GTM | 9.2.2 - 9.4.8 \n10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP Link Controller | 9.2.2 - 9.4.8 \n10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP PEM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP PSM | 9.4.5 - 9.4.8 \n10.1.0 - 10.2.4 HF4 \n11.0.0 - 11.2.0 HF2 \n11.2.1 - 11.2.1 HF1 \n| 10.2.4 HF5 \n11.2.0 HF3 \n11.2.1 HF2 \n11.3.0 - 11.4.0 \n| BIND DNS server \nBIG-IP WebAccelerator | None \n| 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nBIG-IP WOM | None \n| 10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nARX | None | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 | 3.1.1 \n| BIND DNS server \nFirePass | None | 6.0.0 - 6.1.0 \n7.0.0 \n| None\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\nTo mitigate this vulnerability, you can disable recursion of the DNS server. To do so, perform the following procedure:\n\n**Impact of action:** The BIG-IP system will not be able to perform recursive lookups and may cause DNS lookup failures. BIG-IP GTM functionality may be impacted. \n\n\n 1. Log in to the BIG-IP system command line. \n\n 2. Using a text editor, such as vi, edit the **/var/named/etc/named.conf **file. \n\n 3. Add the following line to the options section: \n \nrecursion no; \n\n 4. Save the file. \n 5. To load the new configuration, type the following command: \n \nrndc reload\n\n * [CVE-2012-5166](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166>)\n\n**Note:** This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * [CVE 2012-4244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244>)\n\n**Note:** This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2016-01-09T02:30:00", "published": "2013-02-11T21:20:00", "id": "F5:K14201", "href": "https://support.f5.com/csp/article/K14201", "title": "BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:29", "bulletinFamily": "software", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "edition": 1, "description": "Recommended Action\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\nTo mitigate this vulnerability, you can disable recursion of the DNS server. To do so, perform the following procedure:\n\n**Impact of action:** The BIG-IP system will not be able to perform recursive lookups and may cause DNS lookup failures. BIG-IP GTM functionality may be impacted. \n\n\n 1. Log in to the BIG-IP system command line. \n\n 2. Using a text editor, such as vi, edit the **/var/named/etc/named.conf **file. \n\n 3. Add the following line to the options section: \n \nrecursion no; \n\n 4. Save the file. \n 5. To load the new configuration, type the following command: \n \nrndc reload\n\nSupplemental Information\n\n * [CVE-2012-5166](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166>)\n\n**Note:** This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * [CVE 2012-4244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244>)\n\n**Note:** This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL6845: Managing BIG-IP product hotfixes (9.x)\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2014-08-26T00:00:00", "published": "2013-02-11T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/200/sol14201.html", "id": "SOL14201", "type": "f5", "title": "SOL14201 - BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "modified": "2012-10-19T23:59:48", "published": "2012-10-19T23:59:48", "id": "FEDORA:CE50A20CE1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: dnsperf-2.0.0.0-2.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2012-10-21T06:15:37", "published": "2012-10-21T06:15:37", "id": "FEDORA:0411120AA7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: bind-9.9.2-2.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "modified": "2012-10-21T06:15:37", "published": "2012-10-21T06:15:37", "id": "FEDORA:0D28C20AB3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: dnsperf-2.0.0.0-3.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "modified": "2012-10-23T01:52:50", "published": "2012-10-23T01:52:50", "id": "FEDORA:AC5CF2095A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: dnsperf-2.0.0.0-2.fc16", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. To use DHCP on your network, install a DHCP service (or relay agent), and on clients run a DHCP client daemon. The dhcp package provides the ISC DHCP service and relay agent. ", "modified": "2012-10-21T06:15:36", "published": "2012-10-21T06:15:36", "id": "FEDORA:D6E1720A89", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: dhcp-4.2.4-18.P2.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "modified": "2012-10-21T06:15:36", "published": "2012-10-21T06:15:36", "id": "FEDORA:EF8FE20AA3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update:\n bind-dyndb-ldap-2.0-0.3.20121009git6a86b1.fc18", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1667", "CVE-2012-5166"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2012-10-19T23:59:48", "published": "2012-10-19T23:59:48", "id": "FEDORA:C551820CBE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: bind-9.9.2-2.fc17", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2134", "CVE-2012-3429", "CVE-2012-5166"], "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "modified": "2012-10-19T23:59:48", "published": "2012-10-19T23:59:48", "id": "FEDORA:B7E2320CB4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: bind-dyndb-ldap-1.1.0-0.15.rc1.fc17", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:40", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "[32:9.8.2-0.10.rc1.5]\n- fix CVE-2012-5166", "edition": 4, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "ELSA-2012-1363", "href": "http://linux.oracle.com/errata/ELSA-2012-1363.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:35", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "[32:9.7.0-10.P2.4]\n- fix CVE-2012-5166", "edition": 4, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "ELSA-2012-1364", "href": "http://linux.oracle.com/errata/ELSA-2012-1364.html", "title": "bind97 security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:40", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "description": "[20:9.2.4-38.0.2.el4]\n- fix CVE-2012-4244 (Adam Tkac) [orabz 14518]\n- fix CVE-2012-5166 (Adam Tkac) [orabz 14518]", "edition": 4, "modified": "2012-11-29T00:00:00", "published": "2012-11-29T00:00:00", "id": "ELSA-2012-1365", "href": "http://linux.oracle.com/errata/ELSA-2012-1365.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:39", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "Jake Montgomery discovered that Bind incorrectly handled certain specific \ncombinations of RDATA. A remote attacker could use this flaw to cause Bind \nto crash, resulting in a denial of service.", "edition": 5, "modified": "2012-10-10T00:00:00", "published": "2012-10-10T00:00:00", "id": "USN-1601-1", "href": "https://ubuntu.com/security/notices/USN-1601-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:37:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "**Issue Overview:**\n\nA flaw was found in the way BIND handled certain combinations of resource records. A remote attacker could use this flaw to cause a recursive resolver, or an authoritative server in certain configurations, to lockup. ([CVE-2012-5166 __](<https://access.redhat.com/security/cve/CVE-2012-5166>))\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-9.8.2-0.10.rc1.25.amzn1.i686 \n bind-devel-9.8.2-0.10.rc1.25.amzn1.i686 \n bind-utils-9.8.2-0.10.rc1.25.amzn1.i686 \n bind-debuginfo-9.8.2-0.10.rc1.25.amzn1.i686 \n bind-sdb-9.8.2-0.10.rc1.25.amzn1.i686 \n bind-chroot-9.8.2-0.10.rc1.25.amzn1.i686 \n bind-libs-9.8.2-0.10.rc1.25.amzn1.i686 \n \n src: \n bind-9.8.2-0.10.rc1.25.amzn1.src \n \n x86_64: \n bind-devel-9.8.2-0.10.rc1.25.amzn1.x86_64 \n bind-libs-9.8.2-0.10.rc1.25.amzn1.x86_64 \n bind-debuginfo-9.8.2-0.10.rc1.25.amzn1.x86_64 \n bind-sdb-9.8.2-0.10.rc1.25.amzn1.x86_64 \n bind-9.8.2-0.10.rc1.25.amzn1.x86_64 \n bind-chroot-9.8.2-0.10.rc1.25.amzn1.x86_64 \n bind-utils-9.8.2-0.10.rc1.25.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-10-23T10:39:00", "published": "2012-10-23T10:39:00", "id": "ALAS-2012-138", "href": "https://alas.aws.amazon.com/ALAS-2012-138.html", "title": "Important: bind", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:22", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled certain combinations of resource\nrecords. A remote attacker could use this flaw to cause a recursive\nresolver, or an authoritative server in certain configurations, to lockup.\n(CVE-2012-5166)\n\nUsers of bind are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2018-06-06T20:24:29", "published": "2012-10-12T04:00:00", "id": "RHSA-2012:1363", "href": "https://access.redhat.com/errata/RHSA-2012:1363", "type": "redhat", "title": "(RHSA-2012:1363) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:47:09", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled certain combinations of resource\nrecords. A remote attacker could use this flaw to cause a recursive\nresolver, or an authoritative server in certain configurations, to lockup.\n(CVE-2012-5166)\n\nUsers of bind97 are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2017-09-08T11:48:31", "published": "2012-10-12T04:00:00", "id": "RHSA-2012:1364", "href": "https://access.redhat.com/errata/RHSA-2012:1364", "type": "redhat", "title": "(RHSA-2012:1364) Important: bind97 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:44:47", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4244", "CVE-2012-5166"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled resource records with a large\nRDATA value. A malicious owner of a DNS domain could use this flaw to\ncreate specially-crafted DNS resource records, that would cause a recursive\nresolver or secondary server to exit unexpectedly with an assertion\nfailure. (CVE-2012-4244)\n\nA flaw was found in the way BIND handled certain combinations of resource\nrecords. A remote attacker could use this flaw to cause a recursive\nresolver, or an authoritative server in certain configurations, to lockup.\n(CVE-2012-5166)\n\nUsers of bind are advised to upgrade to these updated packages, which\ncorrect these issues. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n", "modified": "2017-09-08T11:54:23", "published": "2012-10-12T04:00:00", "id": "RHSA-2012:1365", "href": "https://access.redhat.com/errata/RHSA-2012:1365", "type": "redhat", "title": "(RHSA-2012:1365) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:53", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1363\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled certain combinations of resource\nrecords. A remote attacker could use this flaw to cause a recursive\nresolver, or an authoritative server in certain configurations, to lockup.\n(CVE-2012-5166)\n\nUsers of bind are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030972.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030976.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1363.html", "edition": 3, "modified": "2012-10-13T02:25:08", "published": "2012-10-12T20:50:33", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/030972.html", "id": "CESA-2012:1363", "title": "bind, caching security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:27:15", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1364\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled certain combinations of resource\nrecords. A remote attacker could use this flaw to cause a recursive\nresolver, or an authoritative server in certain configurations, to lockup.\n(CVE-2012-5166)\n\nUsers of bind97 are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030973.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1364.html", "edition": 3, "modified": "2012-10-12T20:51:55", "published": "2012-10-12T20:51:55", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/030973.html", "id": "CESA-2012:1364", "title": "bind97 security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:02:22", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "The bind nameserver was updated to fix specially crafted\n DNS data can cause a lockup in named.\n\n", "edition": 1, "modified": "2012-10-19T10:08:52", "published": "2012-10-19T10:08:52", "id": "OPENSUSE-SU-2012:1372-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00011.html", "title": "bind: Specially crafted DNS data can cause a lockup in named. (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:15", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "description": "Specially crafted RDATA could have caused the bind\n nameserver to lockup (CVE-2012-5166). This was a different\n flaw than CVE-2012-4244.\n", "edition": 1, "modified": "2012-11-05T19:08:49", "published": "2012-11-05T19:08:49", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00000.html", "id": "SUSE-SU-2012:1390-3", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:43:03", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "description": "The following issue has been fixed:\n\n * Specially crafted RDATA could have caused bind to\n lockup. This was a different flaw than CVE-2012-4244.\n", "edition": 1, "modified": "2012-10-24T08:09:16", "published": "2012-10-24T08:09:16", "id": "SUSE-SU-2012:1390-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00014.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:46:39", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "description": "The following issue has been fixed:\n\n * Specially crafted RDATA could have caused bind to\n lockup. This was a different flaw than CVE-2012-4244.\n", "edition": 1, "modified": "2012-10-23T19:08:49", "published": "2012-10-23T19:08:49", "id": "SUSE-SU-2012:1390-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00013.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "aix": [{"lastseen": "2020-04-22T00:52:08", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Tue Oct 23 10:13:27 CDT 2012\n| Updated: Mon Jan 28 12:29:56 CDT 2013\n| Update: New ifixes for the latest SP's\n| Updated: Thu Dec 12 12:55:11 CST 2013\n| Update: 1. Added KEYs for parsing purposes\n| 2. Moved to OpenSSL signature\n\n\nhttp://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc\nftp://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\nVULNERABILITY: Vulnerability in AIX bind\n\nPLATFORMS: AIX 5.3 Service Extension, 6.1, and 7.1 releases\n\nSOLUTION: Apply the fix as described below\n\nTHREAT: A remote attacker can cause denial of service\n\nCVE Number: CVE-2012-5166 CVSS=7.8\n\nReboot required? NO\nWorkarounds? YES\nProtected by FPM? NO\nProtected by SED? NO\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION (from cve.mitre.org)\n\n If specific combinations of RDATA are loaded into a nameserver, either \n via cache or an authoritative zone, a subsequent query for a related \n record will cause named to lock up. \n \n Please see the following for more information:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166\n\nII. CVSS\n\n CVSS Base Score: 7.8\n CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/79121 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n Note: To use the following commands on VIOS you must first\n execute:\n\n oem_setup_env\n\n To determine if your system is vulnerable, execute the following\n command:\n\n lslpp -L bos.net.tcp.client bos.net.tcp.server\n\n The following fileset levels are vulnerable:\n\n AIX Fileset Lower Level Upper Level KEY\n ----------------------------------------------------------\n bos.net.tcp.client 5.3.12.0 5.3.12.7 key_w_fs\n bos.net.tcp.server 5.3.12.0 5.3.12.4 key_w_fs\n| bos.net.tcp.client 6.1.6.0 6.1.6.21 key_w_fs\n| bos.net.tcp.server 6.1.6.0 6.1.6.20 key_w_fs\n| bos.net.tcp.client 6.1.7.0 6.1.7.17 key_w_fs\n| bos.net.tcp.server 6.1.7.0 6.1.7.17 key_w_fs\n| bos.net.tcp.client 7.1.0.0 7.1.0.22 key_w_fs\n bos.net.tcp.server 7.1.0.0 7.1.0.19 key_w_fs\n| bos.net.tcp.client 7.1.1.0 7.1.1.17 key_w_fs\n| bos.net.tcp.server 7.1.1.0 7.1.1.17 key_w_fs\n\nIV. SOLUTIONS\n\n A. APARS\n\n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR Availability SP KEY\n ---------------------------------------------------\n 5.3.12 IV30368 Available sp7 key_w_apar\n| 6.1.6 IV30364 03/29/13 sp11 key_w_apar\n| 6.1.7 IV30365 03/29/13 sp7 key_w_apar\n| 6.1.8 IV30247 Available sp1 key_w_apar\n| 7.1.0 IV30366 05/02/13 sp9 key_w_apar\n| 7.1.1 IV30367 05/02/13 sp7 key_w_apar\n| 7.1.2 IV30185 Available sp1 key_w_apar\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV30368\n http://www.ibm.com/support/docview.wss?uid=isg1IV30364\n http://www.ibm.com/support/docview.wss?uid=isg1IV30365\n| http://www.ibm.com/support/docview.wss?uid=isg1IV30247\n http://www.ibm.com/support/docview.wss?uid=isg1IV30366\n http://www.ibm.com/support/docview.wss?uid=isg1IV30367\n| http://www.ibm.com/support/docview.wss?uid=isg1IV30185\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available. The fixes can be downloaded via ftp\n from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/bind9_fix5.tar\n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n\n AIX Level Interim Fix (*.Z) KEY\n -------------------------------------------------------------------\n 5.3.12.6 IV30368s06.121016.epkg.Z key_w_fix \n 6.1.6.9 IV30364s09.121016.epkg.Z key_w_fix\n| 6.1.6.10 IV30364s10.130121.epkg.Z key_w_fix\n 6.1.7.5 IV30365s05.121016.epkg.Z key_w_fix\n| 6.1.7.6 IV30365s06.130121.epkg.Z key_w_fix\n 7.1.0.7 IV30366s07.121016.epkg.Z key_w_fix\n| 7.1.0.8 IV30366s08.130121.epkg.Z key_w_fix\n 7.1.1.5 IV30367s05.121016.epkg.Z key_w_fix\n| 7.1.1.6 IV30367s06.130121.epkg.Z key_w_fix\n\n VIOS Level Interim Fix (*.Z)\n -------------------------------------------------------------------\n 2.2.1.4-FP-25 SP-02 IV30365s04.121018.epkg.Z\n\n To extract the fixes from the tar file:\n\n tar xvf bind9_fix5.tar\n cd bind9_fix5\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"csum -h SHA1\" (sha1sum) command is the followng:\n\n csum -h SHA1 (sha1sum) filename\n ------------------------------------------------------------------\n 76c1615c13fb9e8ce77c1e2cc3cdfc7f4e3f2ce9 IV30368s06.121016.epkg.Z\n 69095160bf88dd4a764333bc31c26de5bf980c82 IV30364s09.121016.epkg.Z\n| bf817930a0a569cb984496ca1d62e49b2ff24e6e IV30364s10.130121.epkg.Z\n 1a03d512c5f6f53813c7d679681327dbaf991fbf IV30365s05.121016.epkg.Z\n| 5c137843e8d31ecb9cbbb8bc8ff3390f16eb6ea0 IV30365s06.130121.epkg.Z\n 0dcac920553a9bd0e34484519ab3a6e4f80fdf83 IV30366s07.121016.epkg.Z\n| de70daa2f7692cae7d59f8cfec542e0b87cf0f0b IV30366s08.130121.epkg.Z\n b3ae50663c8866bbc1c0cead2871347c86afc52e IV30367s05.121016.epkg.Z\n| 6181646c89f48b20680e2c5df3a8974c7c4dbb42 IV30367s06.130121.epkg.Z\n c59ba4b6cb6144c53881cea8fd3ba84250f62997 IV30365s04.121018.epkg.Z\n\n To verify the sum, use the text of this advisory as input to sha1sum.\n For example:\n\n csum -h SHA1 -i Advisory.asc\n sha1sum -c Advisory.asc\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n\n openssl dgst -sha1 -verify AIX_PSIRT_pub.asc -signature file.asc.sig file.asc\n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\nV. WORKAROUNDS (from kb.isc.org)\n\n Setting the option 'minimal-responses' to 'yes' will prevent the lockup.\n\nVI. OBTAINING FIXES\n\n AIX security fixes can be downloaded from:\n\n ftp://aix.software.ibm.com/aix/efixes/security\n\n AIX fixes can be downloaded from:\n\n http://www.ibm.com/eserver/support/fixes/fixcentral/main/pseries/aix\n\n NOTE: Affected customers are urged to upgrade to the latest\n applicable Technology Level and Service Pack.\n\nVII. CONTACT INFORMATION\n\n If you would like to receive AIX Security Advisories via email,\n please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd\n\n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To request the PGP public key that can be used to communicate\n securely with the AIX Security Team you can either:\n\n A. Send an email with \"get key\" in the subject line to:\n\n security-alert@austin.ibm.com\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\nVIII. REFERENCES:\n\n Note: Keywords labeled as KEY in this document are used for parsing purposes.\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/79121\n CVE-2012-5166: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n", "edition": 23, "modified": "2013-12-12T12:55:11", "published": "2012-10-23T10:13:27", "id": "BIND9_ADVISORY5.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc", "title": "Vulnerability in AIX bind", "type": "aix", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:10:07", "description": "Update to the latest BIND packages to fix CVE-2012-5166 and\nincorporate other fixes from upstream. Packages dhcp, bind-dyndb-ldap\nand dnsperf were rebuilt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-10-22T00:00:00", "title": "Fedora 17 : bind-9.9.2-2.fc17 / bind-dyndb-ldap-1.1.0-0.15.rc1.fc17 / dhcp-4.2.4-16.P2.fc17 / etc (2012-15965)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2012-10-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:dnsperf", "p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap", "p-cpe:/a:fedoraproject:fedora:dhcp"], "id": "FEDORA_2012-15965.NASL", "href": "https://www.tenable.com/plugins/nessus/62646", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-15965.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62646);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5166\");\n script_bugtraq_id(55852);\n script_xref(name:\"FEDORA\", value:\"2012-15965\");\n\n script_name(english:\"Fedora 17 : bind-9.9.2-2.fc17 / bind-dyndb-ldap-1.1.0-0.15.rc1.fc17 / dhcp-4.2.4-16.P2.fc17 / etc (2012-15965)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the latest BIND packages to fix CVE-2012-5166 and\nincorporate other fixes from upstream. Packages dhcp, bind-dyndb-ldap\nand dnsperf were rebuilt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=864273\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090344.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e2882cb3\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090345.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6aae8434\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090346.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7c6e080a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090347.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?836d7ae9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsperf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"bind-9.9.2-2.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"bind-dyndb-ldap-1.1.0-0.15.rc1.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"dhcp-4.2.4-16.P2.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"dnsperf-2.0.0.0-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-dyndb-ldap / dhcp / dnsperf\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-25T08:55:28", "description": "From Red Hat Security Advisory 2012:1364 :\n\nUpdated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the way BIND handled certain combinations of\nresource records. A remote attacker could use this flaw to cause a\nrecursive resolver, or an authoritative server in certain\nconfigurations, to lockup. (CVE-2012-5166)\n\nUsers of bind97 are advised to upgrade to these updated packages,\nwhich correct this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.", "edition": 20, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : bind97 (ELSA-2012-1364)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind97-utils", "p-cpe:/a:oracle:linux:bind97-chroot", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:bind97-devel", "p-cpe:/a:oracle:linux:bind97-libs", "p-cpe:/a:oracle:linux:bind97"], "id": "ORACLELINUX_ELSA-2012-1364.NASL", "href": "https://www.tenable.com/plugins/nessus/68641", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1364 and \n# Oracle Linux Security Advisory ELSA-2012-1364 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68641);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2012-5166\");\n script_bugtraq_id(55852);\n script_xref(name:\"RHSA\", value:\"2012:1364\");\n\n script_name(english:\"Oracle Linux 5 : bind97 (ELSA-2012-1364)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1364 :\n\nUpdated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA flaw was found in the way BIND handled certain combinations of\nresource records. A remote attacker could use this flaw to cause a\nrecursive resolver, or an authoritative server in certain\nconfigurations, to lockup. (CVE-2012-5166)\n\nUsers of bind97 are advised to upgrade to these updated packages,\nwhich correct this issue. After installing the update, the BIND daemon\n(named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003081.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind97 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind97-9.7.0-10.P2.el5_8.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-chroot-9.7.0-10.P2.el5_8.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-devel-9.7.0-10.P2.el5_8.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-libs-9.7.0-10.P2.el5_8.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-utils-9.7.0-10.P2.el5_8.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-devel / bind97-libs / bind97-utils\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-18T02:47:10", "description": "A flaw was found in the way BIND handled certain combinations of\nresource records. A remote attacker could use this flaw to cause a\nrecursive resolver, or an authoritative server in certain\nconfigurations, to lockup. (CVE-2012-5166)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 13, "published": "2012-10-16T00:00:00", "title": "Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64 (20121012)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2012-10-16T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-chroot", "p-cpe:/a:fermilab:scientific_linux:bind-libbind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-utils", "p-cpe:/a:fermilab:scientific_linux:bind-libs", "p-cpe:/a:fermilab:scientific_linux:caching-nameserver", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bind-sdb", "p-cpe:/a:fermilab:scientific_linux:bind"], "id": "SL_20121012_BIND_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62555", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62555);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/12\");\n\n script_cve_id(\"CVE-2012-5166\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64 (20121012)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way BIND handled certain combinations of\nresource records. A remote attacker could use this flaw to cause a\nrecursive resolver, or an authoritative server in certain\nconfigurations, to lockup. (CVE-2012-5166)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1210&L=scientific-linux-errata&T=0&P=1765\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2625947b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-chroot-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-devel-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libbind-devel-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libs-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-sdb-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-utils-9.3.6-20.P1.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"caching-nameserver-9.3.6-20.P1.el5_8.5\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"bind-9.8.2-0.10.rc1.el6_3.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.8.2-0.10.rc1.el6_3.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.8.2-0.10.rc1.el6_3.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.8.2-0.10.rc1.el6_3.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.8.2-0.10.rc1.el6_3.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.8.2-0.10.rc1.el6_3.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:18:27", "description": "The remote host is missing AIX PTF U854646, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nIf specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.", "edition": 23, "published": "2013-03-28T00:00:00", "title": "AIX 6.1 TL 7 : bos.net.tcp.server (U854646)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2013-03-28T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_U854646.NASL", "href": "https://www.tenable.com/plugins/nessus/65709", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U854646. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65709);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5166\");\n\n script_name(english:\"AIX 6.1 TL 7 : bos.net.tcp.server (U854646)\");\n script_summary(english:\"Check for PTF U854646\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U854646, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nIf specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV30365\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"610007\", patch:\"U854646\", package:\"bos.net.tcp.server.6.1.7.18\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:10:07", "description": "Update to the latest BIND packages to fix CVE-2012-5166 and\nincorporate other fixes from upstream. Packages dhcp, bind-dyndb-ldap\nand dnsperf were rebuilt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-10-23T00:00:00", "title": "Fedora 16 : bind-9.8.4-2.fc16 / bind-dyndb-ldap-1.1.0-0.15.rc1.fc16 / dhcp-4.2.4-4.P2.fc16 / etc (2012-15981)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2012-10-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:dnsperf", "p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap", "cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:dhcp"], "id": "FEDORA_2012-15981.NASL", "href": "https://www.tenable.com/plugins/nessus/62656", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-15981.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62656);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5166\");\n script_bugtraq_id(55852);\n script_xref(name:\"FEDORA\", value:\"2012-15981\");\n\n script_name(english:\"Fedora 16 : bind-9.8.4-2.fc16 / bind-dyndb-ldap-1.1.0-0.15.rc1.fc16 / dhcp-4.2.4-4.P2.fc16 / etc (2012-15981)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the latest BIND packages to fix CVE-2012-5166 and\nincorporate other fixes from upstream. Packages dhcp, bind-dyndb-ldap\nand dnsperf were rebuilt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=864273\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090584.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93fbceac\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090585.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd838d0a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090586.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5edd5d2\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090587.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5d6969c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsperf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"bind-9.8.4-2.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"bind-dyndb-ldap-1.1.0-0.15.rc1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"dhcp-4.2.4-4.P2.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"dnsperf-2.0.0.0-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-dyndb-ldap / dhcp / dnsperf\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:10:08", "description": "Update to the latest BIND packages to fix CVE-2012-5166 and\nincorporate other fixes from upstream. Packages dhcp, bind-dyndb-ldap\nand dnsperf were rebuilt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-10-22T00:00:00", "title": "Fedora 18 : bind-dyndb-ldap-2.0-0.3.20121009git6a86b1.fc18 / bind-9.9.2-2.fc18 / etc (2012-16022)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2012-10-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:bind", "p-cpe:/a:fedoraproject:fedora:dnsperf", "p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap", "p-cpe:/a:fedoraproject:fedora:dhcp"], "id": "FEDORA_2012-16022.NASL", "href": "https://www.tenable.com/plugins/nessus/62647", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-16022.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62647);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5166\");\n script_bugtraq_id(55852);\n script_xref(name:\"FEDORA\", value:\"2012-16022\");\n\n script_name(english:\"Fedora 18 : bind-dyndb-ldap-2.0-0.3.20121009git6a86b1.fc18 / bind-9.9.2-2.fc18 / etc (2012-16022)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the latest BIND packages to fix CVE-2012-5166 and\nincorporate other fixes from upstream. Packages dhcp, bind-dyndb-ldap\nand dnsperf were rebuilt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=864273\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090489.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?95bf508d\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090490.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2dd5629\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090491.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f77e3c31\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090492.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b050bb9b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bind-dyndb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsperf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"bind-9.9.2-2.fc18\")) flag++;\nif (rpm_check(release:\"FC18\", reference:\"bind-dyndb-ldap-2.0-0.3.20121009git6a86b1.fc18\")) flag++;\nif (rpm_check(release:\"FC18\", reference:\"dhcp-4.2.4-18.P2.fc18\")) flag++;\nif (rpm_check(release:\"FC18\", reference:\"dnsperf-2.0.0.0-3.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-dyndb-ldap / dhcp / dnsperf\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:18:27", "description": "The remote host is missing AIX PTF U855824, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nIf specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.", "edition": 23, "published": "2013-05-01T00:00:00", "title": "AIX 7.1 TL 1 : bos.net.tcp.server (U855824)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2013-05-01T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_U855824.NASL", "href": "https://www.tenable.com/plugins/nessus/66279", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U855824. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66279);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5166\");\n\n script_name(english:\"AIX 7.1 TL 1 : bos.net.tcp.server (U855824)\");\n script_summary(english:\"Check for PTF U855824\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U855824, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nIf specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV30367\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"710001\", patch:\"U855824\", package:\"bos.net.tcp.server.7.1.1.18\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:17:41", "description": "If specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.", "edition": 23, "published": "2013-01-24T00:00:00", "title": "AIX 7.1 TL 0 : bind9 (IV30366)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2013-01-24T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV30366.NASL", "href": "https://www.tenable.com/plugins/nessus/63747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind9_advisory5.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63747);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5166\");\n\n script_name(english:\"AIX 7.1 TL 0 : bind9 (IV30366)\");\n script_summary(english:\"Check for APAR IV30366\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"If specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"00\", sp:\"07\", patch:\"IV30366s07\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.0.22\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"00\", sp:\"07\", patch:\"IV30366s07\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.0.19\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"00\", sp:\"08\", patch:\"IV30366s08\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.0.22\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"00\", sp:\"08\", patch:\"IV30366s08\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.0.19\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:18:27", "description": "The remote host is missing AIX PTF U854732, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nIf specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.", "edition": 23, "published": "2013-03-28T00:00:00", "title": "AIX 6.1 TL 6 : bos.net.tcp.server (U854732)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2013-03-28T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_U854732.NASL", "href": "https://www.tenable.com/plugins/nessus/65710", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U854732. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65710);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5166\");\n\n script_name(english:\"AIX 6.1 TL 6 : bos.net.tcp.server (U854732)\");\n script_summary(english:\"Check for PTF U854732\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U854732, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nIf specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV30364\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"610006\", patch:\"U854732\", package:\"bos.net.tcp.server.6.1.6.21\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:17:41", "description": "If specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.", "edition": 23, "published": "2013-01-24T00:00:00", "title": "AIX 5.3 TL 12 : bind9 (IV30368)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "modified": "2013-01-24T00:00:00", "cpe": ["cpe:/o:ibm:aix:5.3"], "id": "AIX_IV30368.NASL", "href": "https://www.tenable.com/plugins/nessus/63749", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind9_advisory5.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63749);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5166\");\n\n script_name(english:\"AIX 5.3 TL 12 : bind9 (IV30368)\");\n script_summary(english:\"Check for APAR IV30368\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"If specific combinations of RDATA are loaded into a nameserver, either\nvia cache or an authoritative zone, a subsequent query for a related\nrecord will cause named to lock up.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"5.3\", ml:\"12\", sp:\"06\", patch:\"IV30368s06\", package:\"bos.net.tcp.client\", minfilesetver:\"5.3.12.0\", maxfilesetver:\"5.3.12.7\") < 0) flag++;\nif (aix_check_ifix(release:\"5.3\", ml:\"12\", sp:\"06\", patch:\"IV30368s06\", package:\"bos.net.tcp.server\", minfilesetver:\"5.3.12.0\", maxfilesetver:\"5.3.12.4\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:38:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-10-13T00:00:00", "id": "OPENVAS:136141256231072478", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072478", "type": "openvas", "title": "FreeBSD Ports: bind99", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_bind992.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 57a700f9-12c0-11e2-9f86-001d923933b6\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72478\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2012-5166\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-13 02:35:34 -0400 (Sat, 13 Oct 2012)\");\n script_name(\"FreeBSD Ports: bind99\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n bind99\n bind98\n bind97\n bind96\n\nCVE-2012-5166\nISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before\n9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote\nattackers to cause a denial of service (named daemon hang) via\nunspecified combinations of resource records.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"bind99\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.9.1.4\")<0) {\n txt += \"Package bind99 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.3.4\")<0) {\n txt += \"Package bind98 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.6.4\")<0) {\n txt += \"Package bind97 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R7.4\")<0) {\n txt += \"Package bind96 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:57:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "Check for the Version of bind97", "modified": "2017-12-29T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:870849", "href": "http://plugins.openvas.org/nasl.php?oid=870849", "type": "openvas", "title": "RedHat Update for bind97 RHSA-2012:1364-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind97 RHSA-2012:1364-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named); a\n resolver library (routines for applications to use when interfacing with\n DNS); and tools for verifying that the DNS server is operating correctly.\n\n A flaw was found in the way BIND handled certain combinations of resource\n records. A remote attacker could use this flaw to cause a recursive\n resolver, or an authoritative server in certain configurations, to lockup.\n (CVE-2012-5166)\n\n Users of bind97 are advised to upgrade to these updated packages, which\n correct this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\n\ntag_affected = \"bind97 on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00017.html\");\n script_id(870849);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:34 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1364-01\");\n script_name(\"RedHat Update for bind97 RHSA-2012:1364-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind97\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1601-1", "modified": "2019-03-13T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:1361412562310841182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841182", "type": "openvas", "title": "Ubuntu Update for bind9 USN-1601-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1601_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for bind9 USN-1601-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1601-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841182\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:04:50 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1601-1\");\n script_name(\"Ubuntu Update for bind9 USN-1601-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1601-1\");\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Jake Montgomery discovered that Bind incorrectly handled certain specific\n combinations of RDATA. A remote attacker could use this flaw to cause Bind\n to crash, resulting in a denial of service.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.0.dfsg.P1-1ubuntu0.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1ubuntu4.5\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1ubuntu2.7\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.4.2.dfsg.P2-2ubuntu0.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310870849", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870849", "type": "openvas", "title": "RedHat Update for bind97 RHSA-2012:1364-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind97 RHSA-2012:1364-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870849\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:34 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:1364-01\");\n script_name(\"RedHat Update for bind97 RHSA-2012:1364-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"bind97 on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named), a\n resolver library (routines for applications to use when interfacing with\n DNS), and tools for verifying that the DNS server is operating correctly.\n\n A flaw was found in the way BIND handled certain combinations of resource\n records. A remote attacker could use this flaw to cause a recursive\n resolver, or an authoritative server in certain configurations, to lockup.\n (CVE-2012-5166)\n\n Users of bind97 are advised to upgrade to these updated packages, which\n correct this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~10.P2.el5_8.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "The remote host is missing an update to bind9\nannounced via advisory DSA 2560-1.", "modified": "2019-03-18T00:00:00", "published": "2012-10-29T00:00:00", "id": "OPENVAS:136141256231072531", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072531", "type": "openvas", "title": "Debian Security Advisory DSA 2560-1 (bind9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2560_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2560-1 (bind9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72531\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2012-5166\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 10:13:13 -0400 (Mon, 29 Oct 2012)\");\n script_name(\"Debian Security Advisory DSA 2560-1 (bind9)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202560-1\");\n script_tag(name:\"insight\", value:\"It was discovered that BIND, a DNS server, hangs while constructing\nthe additional section of a DNS reply, when certain combinations of\nresource records are present. This vulnerability affects both\nrecursive and authoritative servers.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze8.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your bind9 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to bind9\nannounced via advisory DSA 2560-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-60\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns69\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc62\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc60\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg62\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres60\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"1:9.7.3.dfsg-1~squeeze8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "Oracle Linux Local Security Checks ELSA-2012-1364", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123800", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123800", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1364", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1364.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123800\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:43 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1364\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1364 - bind97 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1364\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1364.html\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~10.P2.el5_8.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~10.P2.el5_8.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~10.P2.el5_8.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~10.P2.el5_8.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~10.P2.el5_8.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:1361412562310881522", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881522", "type": "openvas", "title": "CentOS Update for bind97 CESA-2012:1364 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind97 CESA-2012:1364 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018935.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881522\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:33 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1364\");\n script_name(\"CentOS Update for bind97 CESA-2012:1364 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"bind97 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named), a\n resolver library (routines for applications to use when interfacing with\n DNS), and tools for verifying that the DNS server is operating correctly.\n\n A flaw was found in the way BIND handled certain combinations of resource\n records. A remote attacker could use this flaw to cause a recursive\n resolver, or an authoritative server in certain configurations, to lockup.\n (CVE-2012-5166)\n\n Users of bind97 are advised to upgrade to these updated packages, which\n correct this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~10.P2.el5_8.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~10.P2.el5_8.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~10.P2.el5_8.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~10.P2.el5_8.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~10.P2.el5_8.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:07:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "Check for the Version of bind", "modified": "2018-01-04T00:00:00", "published": "2012-10-16T00:00:00", "id": "OPENVAS:881520", "href": "http://plugins.openvas.org/nasl.php?oid=881520", "type": "openvas", "title": "CentOS Update for bind CESA-2012:1363 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2012:1363 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server (named); a\n resolver library (routines for applications to use when interfacing with\n DNS); and tools for verifying that the DNS server is operating correctly.\n\n A flaw was found in the way BIND handled certain combinations of resource\n records. A remote attacker could use this flaw to cause a recursive\n resolver, or an authoritative server in certain configurations, to lockup.\n (CVE-2012-5166)\n \n Users of bind are advised to upgrade to these updated packages, which\n correct this issue. After installing the update, the BIND daemon (named)\n will be restarted automatically.\";\n\ntag_affected = \"bind on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018934.html\");\n script_id(881520);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:45:22 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1363\");\n script_name(\"CentOS Update for bind CESA-2012:1363 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~20.P1.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-23T00:00:00", "id": "OPENVAS:1361412562310864805", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864805", "type": "openvas", "title": "Fedora Update for dnsperf FEDORA-2012-15965", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dnsperf FEDORA-2012-15965\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090347.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864805\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-23 09:27:21 +0530 (Tue, 23 Oct 2012)\");\n script_cve_id(\"CVE-2012-5166\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-15965\");\n script_name(\"Fedora Update for dnsperf FEDORA-2012-15965\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnsperf'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"dnsperf on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"dnsperf\", rpm:\"dnsperf~2.0.0.0~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-02T21:10:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5166"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-20T00:00:00", "published": "2012-10-13T00:00:00", "id": "OPENVAS:72478", "href": "http://plugins.openvas.org/nasl.php?oid=72478", "type": "openvas", "title": "FreeBSD Ports: bind99", "sourceData": "#\n#VID 57a700f9-12c0-11e2-9f86-001d923933b6\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 57a700f9-12c0-11e2-9f86-001d923933b6\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n bind99\n bind98\n bind97\n bind96\n\nCVE-2012-5166\nISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before\n9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote\nattackers to cause a denial of service (named daemon hang) via\nunspecified combinations of resource records.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(72478);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2012-5166\");\n script_version(\"$Revision: 5988 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-20 11:02:29 +0200 (Thu, 20 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-13 02:35:34 -0400 (Sat, 13 Oct 2012)\");\n script_name(\"FreeBSD Ports: bind99\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"bind99\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.9.1.4\")<0) {\n txt += \"Package bind99 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"bind98\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.8.3.4\")<0) {\n txt += \"Package bind98 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"bind97\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.7.6.4\")<0) {\n txt += \"Package bind97 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"bind96\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.6.3.1.ESV.R7.4\")<0) {\n txt += \"Package bind96 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:29:36", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2560-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nOctober 20, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-5166\nDebian Bug : 690118\n\nIt was discovered that BIND, a DNS server, hangs while constructing\nthe additional section of a DNS reply, when certain combinations of\nresource records are present. This vulnerability affects both\nrecursive and authoritative servers.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze8.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-10-20T19:34:06", "published": "2012-10-20T19:34:06", "id": "DEBIAN:DSA-2560-1:82F31", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00204.html", "title": "[SECURITY] [DSA 2560-1] bind9 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166"], "description": "\nISC reports:\n\nA deliberately constructed combination of records could cause named\n\t to hang while populating the additional section of a response.\n\n", "edition": 4, "modified": "2012-09-26T00:00:00", "published": "2012-09-26T00:00:00", "id": "57A700F9-12C0-11E2-9F86-001D923933B6", "href": "https://vuxml.freebsd.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html", "title": "dns/bind9* -- crash on deliberately constructed combination of records", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:43", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5166", "CVE-2012-4244"], "description": "\nProblem description:\n\nThe BIND daemon would crash when a query is made on a resource\n\t record with RDATA that exceeds 65535 bytes.\nThe BIND daemon would lock up when a query is made on specific\n\t combinations of RDATA.\n\n", "edition": 4, "modified": "2012-11-22T00:00:00", "published": "2012-11-22T00:00:00", "id": "4B79538B-A450-11E2-9898-001060E06FD4", "href": "https://vuxml.freebsd.org/freebsd/4b79538b-a450-11e2-9898-001060e06fd4.html", "title": "FreeBSD -- Multiple Denial of Service vulnerabilities with named(8)", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-5166"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:162\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : bind\r\n Date : October 10, 2012\r\n Affected: 2011., Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability was discovered and corrected in bind:\r\n \r\n A certain combination of records in the RBT could cause named to hang\r\n while populating the additional section of a response. [RT #31090]\r\n &#40;CVE-2012-5166&#41;.\r\n \r\n The updated packages have been upgraded to bind 9.7.6-P4 and 9.8.3-P4\r\n which is not vulnerable to this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166\r\n https://kb.isc.org/article/AA-00801\r\n ftp://ftp.isc.org/isc/bind9/9.7.6-P4/CHANGES\r\n ftp://ftp.isc.org/isc/bind9/9.8.3-P4/CHANGES\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2011:\r\n 674904bbe6055bbce6addee9df404492 2011/i586/bind-9.8.3-0.0.P4.0.1-mdv2011.0.i586.rpm\r\n a04233b14f792b187f52bb12975d6616 2011/i586/bind-devel-9.8.3-0.0.P4.0.1-mdv2011.0.i586.rpm\r\n c8f5d3ceb296f04eb7b09ec3a4f72ee9 2011/i586/bind-doc-9.8.3-0.0.P4.0.1-mdv2011.0.i586.rpm\r\n 0dae4f49ec8626b2d985f38cc206410e 2011/i586/bind-utils-9.8.3-0.0.P4.0.1-mdv2011.0.i586.rpm \r\n c614ce64e6fbf4610ca67ff37bc57d28 2011/SRPMS/bind-9.8.3-0.0.P4.0.1.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n a40a739988c6d0277ea2ff9862956bae 2011/x86_64/bind-9.8.3-0.0.P4.0.1-mdv2011.0.x86_64.rpm\r\n 4136bd8e81216d03ccd5b389f208250d 2011/x86_64/bind-devel-9.8.3-0.0.P4.0.1-mdv2011.0.x86_64.rpm\r\n 84ff9042691182668122ece8d7f67a20 2011/x86_64/bind-doc-9.8.3-0.0.P4.0.1-mdv2011.0.x86_64.rpm\r\n 39439c8b0e3b9f89f17bbf9e4c8b088d 2011/x86_64/bind-utils-9.8.3-0.0.P4.0.1-mdv2011.0.x86_64.rpm \r\n c614ce64e6fbf4610ca67ff37bc57d28 2011/SRPMS/bind-9.8.3-0.0.P4.0.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n c37fb5666ee6ac7d83dc2fbeceebd39f mes5/i586/bind-9.7.6-0.0.P4.0.1mdvmes5.2.i586.rpm\r\n f60d20d6870bf103f24d41a50d8b7c2e mes5/i586/bind-devel-9.7.6-0.0.P4.0.1mdvmes5.2.i586.rpm\r\n 59e509a6e0a72a178bf80f237000ef7e mes5/i586/bind-doc-9.7.6-0.0.P4.0.1mdvmes5.2.i586.rpm\r\n 6db1bd8c47448801f8f0f163046bb4f7 mes5/i586/bind-utils-9.7.6-0.0.P4.0.1mdvmes5.2.i586.rpm \r\n 0e32cc1eb2b98495c828990ad3fe868d mes5/SRPMS/bind-9.7.6-0.0.P4.0.1mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n bb6806ee598c72bc218098eefc6fafa4 mes5/x86_64/bind-9.7.6-0.0.P4.0.1mdvmes5.2.x86_64.rpm\r\n 83c8197a29ee75ccf9396b0773aada77 mes5/x86_64/bind-devel-9.7.6-0.0.P4.0.1mdvmes5.2.x86_64.rpm\r\n 0cb5d1455f341f27601104e45395308b mes5/x86_64/bind-doc-9.7.6-0.0.P4.0.1mdvmes5.2.x86_64.rpm\r\n 1ec00fc2d8bcb0eb7d8aec80535b589b mes5/x86_64/bind-utils-9.7.6-0.0.P4.0.1mdvmes5.2.x86_64.rpm \r\n 0e32cc1eb2b98495c828990ad3fe868d mes5/SRPMS/bind-9.7.6-0.0.P4.0.1mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFQdULemqjQ0CJFipgRAqmHAKDZVAV8OmU7wk0ieb0RhgXhjp1/hQCgwfW7\r\nzf2hK/iuE08rZtMXpzK6bIs=\r\n=JF6q\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "SECURITYVULNS:DOC:28626", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28626", "title": "[ MDVSA-2012:162 ] bind", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}