Vulnerabilities > CVE-2013-4854
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | Isc | 80 |
Application | | 2 |
OS | | 2 |
OS | | 1 |
OS | | 12 |
OS | | 2 |
OS | | 2 |
OS | | 2 |
OS | | 1 |
OS | | 5 |
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-654.NASL description The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type last seen 2020-06-05 modified 2014-06-13 plugin id 75123 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75123 title openSUSE Security Update : bind (openSUSE-SU-2013:1353-1) code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-654.
#
# The text description of this plugin is (C) SUSE LLC.
#
# Purpose: credentialed ("local") package check for CVE-2013-4854 on
# openSUSE 12.2 / 12.3. It compares the bind RPMs recorded in the scan
# knowledge base with the versions listed below and reports the host when a
# check flags one. Nothing in this script contacts the DNS service itself.
#

include("compat.inc");

# Registration pass: when `description` is set the script only declares its
# metadata and exits before any check runs.
if (description)
{
  script_id(75123);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2013-4854");

  script_name(english:"openSUSE Security Update : bind (openSUSE-SU-2013:1353-1)");
  script_summary(english:"Check for the openSUSE-2013-654 patch");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  # NOTE(review): the text below names 9.9.3P2, but the 12.2 references later
  # in the script are 9.9.2P2-1.19.1 -- presumably 12.2 received the fix as a
  # backport; confirm against the openSUSE advisory.
  script_set_attribute(
    attribute:"description",
    value:
"The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type 'keydata' could lead to a remotely triggerable REQUIRE failure. 
(CVE-2013-4854, bnc#831899)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=831899"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2013-08/msg00039.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
  # CVSS v2 base vector: reachable over the network, low complexity, no
  # authentication, no confidentiality or integrity impact, complete
  # availability impact (a denial of service).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  # "local" means the result depends on data gathered from the host itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-chrootenv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-libs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-libs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-libs-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-lwresd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-lwresd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bind-utils-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  # Without these knowledge-base keys the check cannot run, so a scan that
  # did not collect local host data gives no verdict on this CVE.
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Preconditions: each failed test ends the script through audit().
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
# SLED / SLES release strings are rejected: this plugin is openSUSE-only.
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.2|SUSE12\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.2 / 12.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

# rpm_check() comes from rpm.inc (not shown on this page); presumably it is
# true when the named package is installed at a version older than the
# reference -- TODO confirm. The -32bit packages are passed cpu:"x86_64".
flag = 0;

if ( rpm_check(release:"SUSE12.2", reference:"bind-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-chrootenv-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-debuginfo-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-debugsource-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-devel-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-libs-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-libs-debuginfo-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-lwresd-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-lwresd-debuginfo-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-utils-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"bind-utils-debuginfo-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"bind-libs-32bit-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"bind-libs-debuginfo-32bit-9.9.2P2-1.19.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-chrootenv-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-debuginfo-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-debugsource-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-devel-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-libs-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-libs-debuginfo-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-lwresd-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-lwresd-debuginfo-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-utils-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"bind-utils-debuginfo-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"bind-libs-32bit-9.9.3P2-2.7.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"bind-libs-debuginfo-32bit-9.9.3P2-2.7.1") ) flag++;

# Any flagged package is enough to report; the count itself is not used.
# The verdict rests on package versions only: whether a running named was
# restarted onto the updated binary is not something this script examines.
if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  # Distinguish "bind packages present and current" from "no bind packages".
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind");
}
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2728.NASL description Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause named daemon to terminate with an assertion failure while rejecting the malformed query. last seen 2020-03-17 modified 2013-07-29 plugin id 69094 published 2013-07-29 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69094 title Debian DSA-2728-1 : bind9 - denial of service code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2728. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
# Purpose: credentialed ("local") package check for CVE-2013-4854 on Debian
# 6.0 (squeeze) and 7.0 (wheezy). It compares the bind9-related packages in
# the collected dpkg listing with the fixed versions from DSA-2728 and
# reports the host when a check flags one. Nothing here contacts the DNS
# service itself.
#

include("compat.inc");

# Registration pass: when `description` is set the script only declares its
# metadata and exits before any check runs.
if (description)
{
  script_id(69094);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");

  script_cve_id("CVE-2013-4854");
  script_xref(name:"DSA", value:"2728");

  script_name(english:"Debian DSA-2728-1 : bind9 - denial of service");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause named daemon to terminate with an assertion failure while rejecting the malformed query."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/bind9"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/bind9"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2013/dsa-2728"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Upgrade the bind9 packages. For the oldstable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze11. For the stable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u1."
  );
  # CVSS v2 base vector: reachable over the network, low complexity, no
  # authentication, no confidentiality or integrity impact, complete
  # availability impact (a denial of service).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  # Temporal vector: exploitability unproven, official fix, report confirmed.
  # NOTE(review): the CVE summary on this page says the flaw was exploited in
  # the wild in July 2013, while E:U and exploit_available "false" are
  # recorded here -- the temporal score may understate urgency; confirm
  # before using it to prioritise.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # "local" means the result depends on data gathered from the host itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:bind9");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  # Without these knowledge-base keys the check cannot run, so a scan that
  # did not collect local host data gives no verdict on this CVE.
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include("audit.inc");
include("debian_package.inc");

# Preconditions: each failed test ends the script through audit().
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

# deb_check() comes from debian_package.inc (not shown on this page);
# presumably it is true when a package matching `prefix` is installed on the
# given release at a version older than the reference -- TODO confirm.
flag = 0;

if (deb_check(release:"6.0", prefix:"bind9", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"bind9-doc", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"bind9-host", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"bind9utils", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"dnsutils", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"host", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"libbind-dev", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"libbind9-60", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"libdns69", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"libisc62", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"libisccc60", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"libisccfg62", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"liblwres60", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"6.0", prefix:"lwresd", reference:"1:9.7.3.dfsg-1~squeeze11")) flag++;
if (deb_check(release:"7.0", prefix:"bind9", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"bind9-doc", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"bind9-host", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"bind9utils", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"dnsutils", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"host", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libbind-dev", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libbind9-80", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libdns88", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libisc84", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libisccc80", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libisccfg82", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"liblwres80", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"lwresd", reference:"1:9.8.4.dfsg.P1-6+nmu2+deb7u1")) flag++;

# Any flagged package is enough to report; the count itself is not used.
# The verdict rests on package versions only: whether a running named was
# restarted onto the updated binary is not something this script examines.
if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1114.NASL description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 69140 published 2013-07-31 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69140 title CentOS 6 : bind (CESA-2013:1114) code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2013:1114 and
# CentOS Errata and Security Advisory 2013:1114 respectively.
#
# Purpose: credentialed ("local") package check for CVE-2013-4854 on
# CentOS 6. It compares the bind RPMs recorded in the scan knowledge base
# with the fixed build listed below and reports the host when a check flags
# one. Nothing here contacts the DNS service itself.
#

include("compat.inc");

# Registration pass: when `description` is set the script only declares its
# metadata and exits before any check runs.
if (description)
{
  script_id(69140);
  script_version("1.12");
  script_cvs_date("Date: 2020/01/06");

  script_cve_id("CVE-2013-4854");
  script_bugtraq_id(61479);
  script_xref(name:"RHSA", value:"2013:1114");

  script_name(english:"CentOS 6 : bind (CESA-2013:1114)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically."
  );
  # NOTE(review): the see_also value is a nessus.org short link over plain
  # http; the URL in the comment below appears to be the announcement it
  # stands for -- confirm before relying on the redirect.
  # https://lists.centos.org/pipermail/centos-announce/2013-July/019879.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6471737d"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
  # CVSS v2 base vector: reachable over the network, low complexity, no
  # authentication, no confidentiality or integrity impact, complete
  # availability impact (a denial of service).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  # Temporal vector: exploitability unproven, official fix, report confirmed.
  # NOTE(review): the CVE summary on this page says the flaw was exploited in
  # the wild in July 2013, while E:U and exploit_available "false" are
  # recorded here -- the temporal score may understate urgency; confirm
  # before using it to prioritise.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-4854");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # "local" means the result depends on data gathered from the host itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-sdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  # Without these knowledge-base keys the check cannot run, so a scan that
  # did not collect local host data gives no verdict on this CVE.
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Preconditions: each failed test ends the script through audit().
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
# The release string must contain "CentOS".
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
# Capture the major version number from the release string.
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
# Accept "6" only; the trailing class keeps values such as "60" from matching.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Only x86_64 and i386-i686 hosts are handled; other architectures audit out.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);

# rpm_check() comes from rpm.inc (not shown on this page); presumably it is
# true when the named package is installed at a version older than the
# reference -- TODO confirm.
flag = 0;
if (rpm_check(release:"CentOS-6", reference:"bind-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-chroot-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-devel-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-libs-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-sdb-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"CentOS-6", reference:"bind-utils-9.8.2-0.17.rc1.el6_4.5")) flag++;

# Any flagged package is enough to report; the count itself is not used.
# The verdict rests on package versions only; the script does not look at
# the running named process.
if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  # Distinguish "bind packages present and current" from "no bind packages".
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils");
}
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1114.NASL description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 69110 published 2013-07-30 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69110 title RHEL 6 : bind (RHSA-2013:1114) code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2013:1114. The text
# itself is copyright (C) Red Hat, Inc.
#
# Purpose: credentialed ("local") check for CVE-2013-4854 on Red Hat
# Enterprise Linux 6. The verdict comes from yum updateinfo data when the
# knowledge base holds it, otherwise from comparing the installed bind RPMs
# with the fixed build listed below. Nothing here contacts the DNS service
# itself.
#

include("compat.inc");

# Registration pass: when `description` is set the script only declares its
# metadata and exits before any check runs.
if (description)
{
  script_id(69110);
  script_version("1.19");
  script_cvs_date("Date: 2019/10/24 15:35:37");

  script_cve_id("CVE-2013-4854");
  script_bugtraq_id(61479);
  script_xref(name:"RHSA", value:"2013:1114");

  script_name(english:"RHEL 6 : bind (RHSA-2013:1114)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically."
  );
  # https://kb.isc.org/article/AA-01015
  script_set_attribute(
    attribute:"see_also",
    value:"https://kb.isc.org/docs/aa-01015"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2013:1114"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-4854"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  # CVSS v2 base vector: reachable over the network, low complexity, no
  # authentication, no confidentiality or integrity impact, complete
  # availability impact (a denial of service).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  # Temporal vector: exploitability unproven, official fix, report confirmed.
  # NOTE(review): the CVE summary on this page says the flaw was exploited in
  # the wild in July 2013, while E:U and exploit_available "false" are
  # recorded here -- the temporal score may understate urgency; confirm
  # before using it to prioritise.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # "local" means the result depends on data gathered from the host itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.4");
  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 
2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  # Without these knowledge-base keys the check cannot run, so a scan that
  # did not collect local host data gives no verdict on this CVE.
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

# Preconditions: each failed test ends the script through audit().
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
# The release string must contain "Red Hat".
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
# Capture the version (major, optionally with a minor part) from the string.
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
# Accept 6 and 6.x only; the trailing class keeps values such as "60" out.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Handled architectures: x86_64, i386-i686, and anything containing "s390".
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

# When the knowledge base holds yum updateinfo output, the verdict comes only
# from redhat_generate_yum_updateinfo_report() (defined elsewhere, not shown
# here): a non-empty report is raised as a finding, an empty one audits the
# host as not affected, and the rpm_check() calls in the else branch never run.
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2013:1114";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  # Fallback: per-package version comparison. rpm_check() comes from rpm.inc
  # (not shown on this page); presumably it is true when the named package is
  # installed at a version older than the reference -- TODO confirm.
  flag = 0;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-chroot-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-chroot-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-chroot-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", reference:"bind-debuginfo-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", reference:"bind-devel-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", reference:"bind-libs-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-sdb-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-sdb-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-sdb-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-utils-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-utils-9.8.2-0.17.rc1.el6_4.5")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-utils-9.8.2-0.17.rc1.el6_4.5")) flag++;

  # Any flagged package is enough to report; the count itself is not used.
  # The verdict rests on package versions only; the script does not look at
  # the running named process.
  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    # Distinguish "bind packages present and current" from "no bind packages".
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc");
  }
}
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1114.NASL description From Red Hat Security Advisory 2013:1114 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 69156 published 2013-07-31 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69156 title Oracle Linux 6 : bind (ELSA-2013-1114) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1114 and # Oracle Linux Security Advisory ELSA-2013-1114 respectively. 
#
include("compat.inc");

# Metadata block: when `description` is set the script only registers the
# attributes below and leaves through the exit(0) that closes the block, so
# none of the host checks further down are evaluated in that mode.
if (description)
{
  script_id(69156);
  script_version("1.12");
  script_cvs_date("Date: 2019/09/30 10:58:18");

  script_cve_id("CVE-2013-4854");
  script_bugtraq_id(61479);
  script_xref(name:"RHSA", value:"2013:1114");

  script_name(english:"Oracle Linux 6 : bind (ELSA-2013-1114)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"From Red Hat Security Advisory 2013:1114 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2013-July/003607.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");

  # CVSS v2 base vector: network reachable, low complexity, no authentication,
  # no confidentiality or integrity impact, complete availability impact.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");

  # The temporal vector (E:U) and the two exploit attributes below record
  # "no known exploit". The CVE summary shown on this page describes the flaw
  # as exploited in the wild in July 2013, so these fields should not be the
  # only input when prioritising the update.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # "local": the verdict comes from package data already stored for the host,
  # not from talking to the DNS service.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-sdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  # The KB keys required here are presumably populated by ssh_get_info.nasl,
  # the only declared dependency. Note that "Host/cpu" is read below but is
  # not listed; its absence is handled with an explicit audit instead.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


# Pre-conditions. Each failed test ends the run through audit() with a reason
# code, so "not checked" stays distinguishable from "checked and not affected".
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
# Accept "6" or "6.<minor>" only; the [^0-9] guard keeps e.g. "60" out.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
# Only x86_64 and i386..i686 are handled; any other architecture is reported
# as "local checks not implemented" rather than as unaffected.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

# Package comparison. rpm_check() comes from rpm.inc (not shown here); a true
# result is counted as one package that still needs the update. The reference
# strings are distribution package releases: the description states the fix
# is a backported patch, so the upstream-looking "9.8.2" in the name says
# nothing about whether the fix is present.
flag = 0;
if (rpm_check(release:"EL6", reference:"bind-9.8.2-0.17.rc1.0.2.el6_4.5")) flag++;
if (rpm_check(release:"EL6", reference:"bind-chroot-9.8.2-0.17.rc1.0.2.el6_4.5")) flag++;
if (rpm_check(release:"EL6", reference:"bind-devel-9.8.2-0.17.rc1.0.2.el6_4.5")) flag++;
if (rpm_check(release:"EL6", reference:"bind-libs-9.8.2-0.17.rc1.0.2.el6_4.5")) flag++;
if (rpm_check(release:"EL6", reference:"bind-sdb-9.8.2-0.17.rc1.0.2.el6_4.5")) flag++;
if (rpm_check(release:"EL6", reference:"bind-utils-9.8.2-0.17.rc1.0.2.el6_4.5")) flag++;


if (flag)
{
  # The finding is reported against port 0, i.e. not tied to the DNS port.
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  # Distinguish "packages present and already at a fixed release" from
  # "none of the listed packages installed".
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-libs / bind-sdb / bind-utils");
}
NASL family Misc. NASL id MCAFEE_WEB_GATEWAY_SB10052.NASL description The remote host has a version of McAfee Web Gateway (MWG) prior to 7.3.2.2. It is, therefore, affected by a denial of service vulnerability due to a flaw in the packaged ISC BIND server. An attacker can exploit this vulnerability by sending a specially crafted query with a malformed RDATA section. last seen 2020-06-01 modified 2020-06-02 plugin id 76120 published 2014-06-18 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76120 title McAfee Web Gateway < 7.3.2.2 DoS (SB10052) code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Metadata block: when `description` is set the script only registers the
# attributes below and leaves through the exit(0) that closes the block.
if (description)
{
  script_id(76120);
  script_version("1.3");
  script_cvs_date("Date: 2018/07/14 1:59:37");

  script_cve_id("CVE-2013-4854");
  script_bugtraq_id(61479);
  script_xref(name:"MCAFEE-SB", value:"SB10052");

  script_name(english:"McAfee Web Gateway < 7.3.2.2 DoS (SB10052)");
  script_summary(english:"Checks version of MWG.");

  script_set_attribute(attribute:"synopsis", value:"The remote host is affected by a denial of service vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote host has a version of McAfee Web Gateway (MWG) prior to 7.3.2.2. It is, therefore, affected by a denial of service vulnerability due to a flaw in the packaged ISC BIND server. An attacker can exploit this vulnerability by sending a specially crafted query with a malformed RDATA section.");
  script_set_attribute(attribute:"see_also", value:"https://kc.mcafee.com/corporate/index?page=content&id=SB10052");
  script_set_attribute(attribute:"solution", value:"Upgrade to 7.3.2.2 or later.");

  # CVSS v2 base vector: network reachable, low complexity, no authentication,
  # availability impact only (complete).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  # E:U and the two exploit attributes record "no known exploit", while the
  # CVE summary shown on this page describes exploitation in the wild in
  # July 2013; do not deprioritise on these fields alone.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/29");
  # NOTE(review): this patch date is two years earlier than the vulnerability
  # publication date on the line above; it looks like a typo - confirm
  # against the vendor bulletin before relying on it.
  script_set_attribute(attribute:"patch_publication_date", value:"2011/07/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/18");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mcafee:web_gateway");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  # The two version keys are presumably stored by the detection plugin named
  # here; this script itself does no probing of the appliance.
  script_dependencies("mcafee_web_gateway_detect.nbin");
  script_require_keys("Host/McAfee Web Gateway/Version", "Host/McAfee Web Gateway/Display Version");
  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

app_name = "McAfee Web Gateway";
version = get_kb_item_or_exit("Host/McAfee Web Gateway/Version");
version_display = get_kb_item_or_exit("Host/McAfee Web Gateway/Display Version");

fix = NULL;

# Coverage caveat: a fixed version is assigned only for the 7.3.2.x branch.
# For any other branch `fix` stays NULL and the script falls through to
# AUDIT_INST_VER_NOT_VULN below, so an older branch is reported as "not
# vulnerable" even though the title reads "< 7.3.2.2". Treat a negative
# result on a non-7.3.2.x appliance as "not assessed" and check the vendor
# bulletin for that branch.
if (version =~ "^7\.3\.2\.")
{
  fix = "7.3.2.2";
  fix_display = "7.3.2.2 Build 15726";
}

# ver_compare() comes from misc_func.inc (not shown); -1 is treated here as
# "installed version is lower than the fix".
if (fix && ver_compare(ver:version, fix:fix, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
  {
    report = '\n Installed version : ' + version_display + '\n Fixed version : ' + fix_display + '\n';
    security_hole(extra:report, port:0);
  }
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, app_name, version_display);
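NASL family Scientific Linux Local Security Checks NASL id SL_20130730_BIND_ON_SL6_X.NASL description A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-03-18 modified 2013-07-31 plugin id 69165 published 2013-07-31 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69165 title Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20130730) code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include("compat.inc");

# Metadata block: when `description` is set the script only registers the
# attributes below and leaves through the exit(0) that closes the block.
if (description)
{
  script_id(69165);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/27");

  script_cve_id("CVE-2013-4854");

  script_name(english:"Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20130730)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Scientific Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) After installing the update, the BIND daemon (named) will be restarted automatically."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1307&L=scientific-linux-errata&T=0&P=2189
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?66df36e9"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");

  # CVSS v2 base vector: network reachable, low complexity, no authentication,
  # availability impact only (complete). This plugin sets no temporal vector
  # and no exploit attributes.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");

  # "local": the verdict comes from package data already stored for the host,
  # not from talking to the DNS service.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-sdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-utils");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  # The KB keys required here are presumably populated by ssh_get_info.nasl,
  # the only declared dependency.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");


# Pre-conditions. Each failed test ends the run through audit() with a reason
# code, so "not checked" stays distinguishable from "checked and not affected".
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
# Accept "6" or "6.<minor>" only; the [^0-9] guard keeps e.g. "60" out.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
# `>!<` is true when the left operand is NOT contained in the right one (the
# release test above uses it that way), so the architecture literal belongs
# on the left. The original had the operands reversed, which would accept any
# cpu value that is merely a fragment of "x86_64"; real "x86_64" and i386..i686
# values are handled the same as before.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


# Package comparison. rpm_check() comes from rpm.inc (not shown here); a true
# result is counted as one package that still needs the update. The reference
# strings are distribution package releases, so the upstream-looking "9.8.2"
# in the name is not a reliable indicator of whether the fix is present.
flag = 0;
if (rpm_check(release:"SL6", reference:"bind-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"SL6", reference:"bind-chroot-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"SL6", reference:"bind-debuginfo-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"SL6", reference:"bind-devel-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"SL6", reference:"bind-libs-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"SL6", reference:"bind-sdb-9.8.2-0.17.rc1.el6_4.5")) flag++;
if (rpm_check(release:"SL6", reference:"bind-utils-9.8.2-0.17.rc1.el6_4.5")) flag++;


if (flag)
{
  # The finding is reported against port 0, i.e. not tied to the DNS port.
  security_report_v4(
    port : 0,
    severity : SECURITY_HOLE,
    extra : rpm_report_get()
  );
  exit(0);
}
else
{
  # Distinguish "packages present and already at a fixed release" from
  # "none of the listed packages installed".
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc");
}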
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1181.NASL description An updated rhev-hypervisor6 package that fixes three security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of last seen 2020-06-01 modified 2020-06-02 plugin id 78969 published 2014-11-08 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78969 title RHEL 6 : rhev-hypervisor6 (RHSA-2013:1181) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1181. The text # itself is copyright (C) Red Hat, Inc. 
#
include("compat.inc");

# Metadata block: when `description` is set the script only registers the
# attributes below and leaves through the exit(0) that closes the block.
if (description)
{
  script_id(78969);
  script_version("1.10");
  script_cvs_date("Date: 2019/10/24 15:35:37");

  # Only these three CVEs are registered for the plugin. CVE-2013-4854 occurs
  # solely in the description text, as a bundled bind fix that the advisory
  # says has no security impact on the hypervisor itself, so a finding from
  # this plugin is not by itself evidence of exposure to the BIND flaw.
  script_cve_id("CVE-2013-0791", "CVE-2013-1620", "CVE-2013-4236");
  script_bugtraq_id(57777, 58826, 61772);
  script_xref(name:"RHSA", value:"2013:1181");

  script_name(english:"RHEL 6 : rhev-hypervisor6 (RHSA-2013:1181)");
  script_summary(english:"Checks the rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An updated rhev-hypervisor6 package that fixes three security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of 'Install Failed'. If this happens, place the host into maintenance mode, then activate it again to get the host back to an 'Up' state. It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-1620) It was found that the fix for CVE-2013-0167 released via RHSA-2013:0907 was incomplete. A privileged guest user could potentially use this flaw to make the host the guest is running on unavailable to the management server. (CVE-2013-4236) An out-of-bounds memory read flaw was found in the way NSS decoded certain certificates. If an application using NSS decoded a malformed certificate, it could cause the application to crash. (CVE-2013-0791) Red Hat would like to thank the Mozilla project for reporting CVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter of CVE-2013-0791. The CVE-2013-4236 issue was found by David Gibson of Red Hat. This updated package provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2013-4854 (bind issue) CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, and CVE-2013-2237 (kernel issues) This update also contains the fixes from the following errata : * vdsm: RHSA-2013:1155 and RHBA-2013:1158 Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which corrects these issues."
  );
  # https://rhn.redhat.com/errata/RHSA-2013-0907.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2013:0907"
  );
  # https://rhn.redhat.com/errata/RHSA-2013-1155.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2013:1155"
  );
  # https://rhn.redhat.com/errata/RHBA-2013-1158.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHBA-2013:1158"
  );
  # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c6b506c4"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2013:1181"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-0791"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-1620"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-4236"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected rhev-hypervisor6 package."
  );

  # CVSS v2 base vector with partial availability impact (A:P); it belongs to
  # the CVEs registered above and differs from the A:C vector that the
  # bind-specific plugins on this page carry for CVE-2013-4854.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # "local": the verdict comes from package data already stored for the host.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/08");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  # The KB keys required here are presumably populated by ssh_get_info.nasl,
  # the only declared dependency.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

# Pre-conditions. Each failed test ends the run through audit() with a reason
# code, so "not checked" stays distinguishable from "checked and not affected".
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
# Accept "6" or "6.<minor>" only; the [^0-9] guard keeps e.g. "60" out.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
# Unlike the other plugins on this page, s390 is accepted here as well.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

# Two evidence sources. If yum updateinfo data is present in the KB it is used
# exclusively: an empty report for this RHSA ends the run with an audit and
# the rpm comparison in the else branch is never reached.
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2013:1181";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port : 0,
      severity : SECURITY_WARNING,
      extra : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  # Fallback: compare the installed rhev-hypervisor6 package release.
  # rpm_check() comes from rpm.inc (not shown here); a true result is
  # counted as a package that still needs the update.
  flag = 0;
  if (rpm_check(release:"RHEL6", reference:"rhev-hypervisor6-6.4-20130815.0.el6_4")) flag++;

  if (flag)
  {
    # Reported at warning severity; redhat_report_package_caveat() is defined
    # outside this script and its text is appended to the rpm report.
    security_report_v4(
      port : 0,
      severity : SECURITY_WARNING,
      extra : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rhev-hypervisor6");
  }
}
NASL family DNS NASL id BIND9_993_P2.NASL description According to its self-reported version number, the remote installation of BIND can be forced to crash via specially crafted queries containing malformed last seen 2020-06-01 modified 2020-06-02 plugin id 69106 published 2013-07-29 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69106 title ISC BIND 9 RDATA Section Handling DoS NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2014-0084.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-8500 (#1171973) - Use /dev/urandom when generating rndc.key file (#951255) - Remove bogus file from /usr/share/doc, introduced by fix for bug #1092035 - Add support for TLSA resource records (#956685) - Increase defaults for lwresd workers and make workers and client objects number configurable (#1092035) - Fix segmentation fault in nsupdate when -r option is used (#1064045) - Fix race condition on send buffer in host tool when sending UDP query (#1008827) - Allow authentication using TSIG in allow-notify configuration statement (#1044545) - Fix SELinux context of /var/named/chroot/etc/localtime (#902431) - Include updated named.ca file with root server addresses (#917356) - Don last seen 2020-06-01 modified 2020-06-02 plugin id 80247 published 2014-12-26 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/80247 title OracleVM 3.3 : bind (OVMSA-2014-0084) NASL family Fedora Local Security Checks NASL id FEDORA_2013-13863.NASL description - update to 9.9.3-P2 (fix for CVE-2013-4854) - update RRL patch to 9.9.3-P2-rl.13207.22 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-08-05 plugin id 69211 published 2013-08-05 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69211 title Fedora 19 : bind-9.9.3-5.P2.fc19 (2013-13863) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1115.NASL description Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind97 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 69141 published 2013-07-31 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/69141 title CentOS 5 : bind97 (CESA-2013:1115) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2013-218-01.NASL description New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 69224 published 2013-08-07 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69224 title Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2013-218-01) NASL family MacOS X Local Security Checks NASL id MACOSX_SERVER_4_0.NASL description The remote Mac OS X host has a version of OS X Server installed that is prior to version 4.0. It is, therefore, affected by the following vulnerabilities : - There are multiple vulnerabilities within the included BIND, the most serious of which can lead to a denial of service. (CVE-2013-3919, CVE-2013-4854, CVE-2014-0591) - There are multiple vulnerabilities within the included LibYAML for the Profile Manager and ServerRuby, the most serious of which can lead to arbitrary code execution. (CVE-2013-4164, CVE-2013-6393) - There are multiple vulnerabilities within the included PostgreSQL, the most serious of which can lead to arbitrary code execution. (CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. 
This is also known as the last seen 2020-06-01 modified 2020-06-02 plugin id 78601 published 2014-10-21 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78601 title Mac OS X : OS X Server < 4.0 Multiple Vulnerabilities (POODLE) NASL family Fedora Local Security Checks NASL id FEDORA_2013-13831.NASL description - update to 9.9.3-P2 (fix for CVE-2013-4854) - update RRL patch to 9.9.3-P2-rl.13207.22 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-08-05 plugin id 69210 published 2013-08-05 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69210 title Fedora 18 : bind-9.9.3-4.P2.fc18 (2013-13831) NASL family SuSE Local Security Checks NASL id SUSE_11_BIND-130805.NASL description A specially crafted query with malicious rdata could have caused a crash (DoS) in named. last seen 2020-06-05 modified 2013-08-08 plugin id 69259 published 2013-08-08 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. 
source https://www.tenable.com/plugins/nessus/69259 title SuSE 11.2 / 11.3 Security Update : bind (SAT Patch Numbers 8160 / 8161) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-202.NASL description A vulnerability has been discovered and corrected in bind : The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (daemon crash) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013 (CVE-2013-4854). The updated packages for Enterprise Server 5 have been patched to correct this issue. The updated packages for Business Server 1 have been upgraded to the 9.9.3-P2 version which is not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 69097 published 2013-07-29 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69097 title Mandriva Linux Security Advisory : bind (MDVSA-2013:202) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2020-0021.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details. last seen 2020-06-10 modified 2020-06-05 plugin id 137170 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137170 title OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1115.NASL description Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. 
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind97 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 69111 published 2013-07-30 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69111 title RHEL 5 : bind97 (RHSA-2013:1115) NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL14613.NASL description The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial-of-service (DoS) through a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. last seen 2020-06-01 modified 2020-06-02 plugin id 78154 published 2014-10-10 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/78154 title F5 Networks BIG-IP : BIND vulnerability (SOL14613) NASL family Firewalls NASL id MCAFEE_FIREWALL_ENTERPRISE_SB10052.NASL description The remote host has a version of McAfee Firewall Enterprise installed that is affected by a denial of service vulnerability due to a flaw in the packaged ISC BIND server. An attacker can exploit this by sending a specially crafted query with a malformed RDATA section. last seen 2020-06-01 modified 2020-06-02 plugin id 76118 published 2014-06-18 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76118 title McAfee Firewall Enterprise DoS (SB10052) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2017-0066.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776) last seen 2020-06-01 modified 2020-06-02 plugin id 99569 published 2017-04-21 reporter This script is Copyright (C) 
2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99569 title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1115.NASL description From Red Hat Security Advisory 2013:1115 : Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) All bind97 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 69157 published 2013-07-31 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69157 title Oracle Linux 5 : bind97 (ELSA-2013-1115) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2013-214.NASL description A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. 
(CVE-2013-4854) last seen 2020-06-01 modified 2020-06-02 plugin id 70218 published 2013-10-01 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70218 title Amazon Linux AMI : bind (ALAS-2013-214) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201401-34.NASL description The remote host is affected by the vulnerability described in GLSA-201401-34 (BIND: Denial of Service) Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 72208 published 2014-01-30 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72208 title GLSA-201401-34 : BIND: Denial of Service NASL family Scientific Linux Local Security Checks NASL id SL_20130730_BIND97_ON_SL5_X.NASL description A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-03-18 modified 2013-07-31 plugin id 69164 published 2013-07-31 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69164 title Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20130730) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_7943E521F64811E286073C970E169BC2.NASL description ISC reports : A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query. 
last seen 2020-06-01 modified 2020-06-02 plugin id 69088 published 2013-07-28 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69088 title FreeBSD : bind -- denial of service vulnerability (7943e521-f648-11e2-8607-3c970e169bc2) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1910-1.NASL description Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 69119 published 2013-07-30 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69119 title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : bind9 vulnerability (USN-1910-1)
Oval
accepted | 2015-04-20T04:01:29.911-04:00 |
class | vulnerability |
contributors | |
description | The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. |
family | unix |
id | oval:org.mitre.oval:def:19561 |
status | accepted |
submitted | 2013-11-22T11:43:28.000-05:00 |
title | HP-UX Running BIND, Remote Denial of Service (DoS) |
version | 45 |
Redhat
advisories |
rpms |
Seebug
bulletinFamily | exploit |
description | Bugtraq ID:61479 CVE ID:CVE-2013-4854 ISC BIND是一款DNS协议的实现。ISC BIND在解析DNS查询中的RDATA数据时存在错误,允许远程攻击者提交包含畸形RDATA数据的特殊查询,触发REQUIRE断言,使服务程序崩溃。此漏洞已经在网络上被积极利用,权威和递归服务器都受此漏洞影响。受影响版本:ISC BIND 9.8.0 - 9.8.5-P1;ISC BIND 9.9.0 - 9.9.3-P1。厂商解决方案:ISC BIND 9.8.5-P2、9.9.3-P2和9.9.3-S1-P1已经修复此漏洞,建议用户下载更新: https://www.isc.org/downloads/bind/ |
id | SSV:60926 |
last seen | 2017-11-19 |
modified | 2013-07-30 |
published | 2013-07-30 |
reporter | Root |
title | ISC BIND 9 DNS RDATA处理远程拒绝服务漏洞 |
References
- https://kb.isc.org/article/AA-01016
- https://kb.isc.org/article/AA-01015
- http://secunia.com/advisories/54432
- http://secunia.com/advisories/54211
- http://secunia.com/advisories/54134
- http://secunia.com/advisories/54207
- http://www.securitytracker.com/id/1028838
- http://secunia.com/advisories/54185
- http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html
- http://rhn.redhat.com/errata/RHSA-2013-1115.html
- http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc
- http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:202
- http://www.securityfocus.com/bid/61479
- http://secunia.com/advisories/54323
- http://rhn.redhat.com/errata/RHSA-2013-1114.html
- http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html
- http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396
- https://kc.mcafee.com/corporate/index?page=content&id=SB10052
- http://www.zerodayinitiative.com/advisories/ZDI-13-210/
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
- https://support.apple.com/kb/HT6536
- http://linux.oracle.com/errata/ELSA-2014-1244
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561
- http://www.ubuntu.com/usn/USN-1910-1
- http://www.debian.org/security/2013/dsa-2728