Vulnerabilities > CVE-2015-1349 - Resource Management Errors vulnerability in ISC Bind
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | Isc
| 92 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-054.NASL description Updated bind packages fix security vulnerability : Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator last seen 2020-06-01 modified 2020-06-02 plugin id 81937 published 2015-03-19 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81937 title Mandriva Linux Security Advisory : bind (MDVSA-2015:054) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2015:054. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(81937); script_version("1.7"); script_cvs_date("Date: 2019/08/02 13:32:56"); script_cve_id("CVE-2015-1349"); script_bugtraq_id(72673); script_xref(name:"MDVSA", value:"2015:054"); script_name(english:"Mandriva Linux Security Advisory : bind (MDVSA-2015:054)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated bind packages fix security vulnerability : Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives 'dnssec-lookaside auto\;' (as enabled in the Mageia default configuration) or 'dnssec-validation auto\;' (CVE-2015-1349)." ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2015-0082.html" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bind-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bind-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bind-sdb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bind-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2015/03/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"bind-9.9.6.P2-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"bind-devel-9.9.6.P2-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", reference:"bind-doc-9.9.6.P2-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"bind-sdb-9.9.6.P2-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"bind-utils-9.9.6.P2-1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_58033A95BBA811E488AED050992ECDE8.NASL description ISC reports : When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors. last seen 2020-06-01 modified 2020-06-02 plugin id 81462 published 2015-02-24 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81462 title FreeBSD : bind -- denial of service vulnerability (58033a95-bba8-11e4-88ae-d050992ecde8) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(81462); script_version("1.8"); script_cvs_date("Date: 2018/12/19 13:21:18"); script_cve_id("CVE-2015-1349"); script_bugtraq_id(72673); script_xref(name:"FreeBSD", value:"SA-15:05.bind"); script_name(english:"FreeBSD : bind -- denial of service vulnerability (58033a95-bba8-11e4-88ae-d050992ecde8)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "ISC reports : When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors." ); # https://kb.isc.org/article/AA-01235 script_set_attribute( attribute:"see_also", value:"https://kb.isc.org/docs/aa-01235" ); # https://vuxml.freebsd.org/freebsd/58033a95-bba8-11e4-88ae-d050992ecde8.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?673ad77c" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind910"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind910-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind99"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:bind99-base"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/02/18"); script_set_attribute(attribute:"patch_publication_date", value:"2015/02/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"bind910<9.10.1P2")) flag++; if (pkg_test(save_report:TRUE, pkg:"bind910-base<9.10.1P2")) flag++; if (pkg_test(save_report:TRUE, pkg:"bind99<9.9.6P2")) flag++; if (pkg_test(save_report:TRUE, pkg:"bind99-base<9.9.6P2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Fedora Local Security Checks NASL id FEDORA_2015-2548.NASL description This update fixes : - Bug #1193820 - CVE-2015-1349 bind: issue in trust anchor management can cause named to crash Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-03-06 plugin id 81657 published 2015-03-06 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81657 title Fedora 20 : bind-9.9.4-18.P2.fc20 (2015-2548) NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL16356.NASL description named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. (CVE-2015-1349) Impact This vulnerability can only be exploited if you explicitly enable DNSSEC validation and managed-keys features in the BIND configuration. The default BIND configuration on a BIG-IP system does not have these features enabled and is not vulnerable. When exploited, the remote attacker may be able to cause the named process to exit or crash, resulting in a denial of service (DoS). Note : The BIG-IP DNSSEC feature does not use BIND code and is not vulnerable. last seen 2020-06-01 modified 2020-06-02 plugin id 82539 published 2015-04-03 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82539 title F5 Networks BIG-IP : BIND vulnerability (K16356) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-165.NASL description Updated bind packages fix security vulnerabilities : By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and denial of service (up to and including termination of the named server process) (CVE-2014-8500). Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator last seen 2020-06-01 modified 2020-06-02 plugin id 82418 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82418 title Mandriva Linux Security Advisory : bind (MDVSA-2015:165) NASL family DNS NASL id BIND9_997_RC2.NASL description According to its self-reported version number, the remote installation of BIND is potentially affected by multiple vulnerabilities : - A flaw exists within the Domain Name Service due to an error in the code used to follow delegations. A remote attacker, with a maliciously-constructed zone or query, can cause the service to issue unlimited queries, resulting in resource exhaustion. (CVE-2014-8500) - A denial of service vulnerability exists due to an error relating to DNSSEC validation and the managed-keys feature. A remote attacker can trigger an incorrect trust-anchor management scenario in which no key is ready for use, resulting in an assertion failure and daemon crash. (CVE-2015-1349) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 81490 published 2015-02-24 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81490 title ISC BIND 9.9.7.x < 9.9.7rc2 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-494.NASL description bind was updated to fix three security issues. These security issues were fixed : - CVE-2015-1349: named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allowed remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use (bsc#918330). - CVE-2014-8500: ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 did not limit delegation chaining, which allowed remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals (bsc#908994). - CVE-2015-4620: Resolver crash when validating (bsc#936476). last seen 2020-06-05 modified 2015-07-17 plugin id 84816 published 2015-07-17 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84816 title openSUSE Security Update : bind (openSUSE-2015-494) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2015-0033.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2015-1349) last seen 2020-06-01 modified 2020-06-02 plugin id 81948 published 2015-03-19 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81948 title OracleVM 3.3 : bind (OVMSA-2015-0033) NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-1204-1.NASL description bind was updated to fix two security issues. These security issues were fixed : - CVE-2015-1349: Named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allowed remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use (bsc#918330). - CVE-2015-4620: Fixed resolver crash when validating (bsc#936476). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 84632 published 2015-07-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84632 title SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:1204-1) NASL family DNS NASL id BIND9_9101_P2.NASL description According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability due to an error relating to DNSSEC validation and the managed-keys feature. A remote attacker can trigger an incorrect trust-anchor management scenario in which no key is ready for use, resulting in an assertion failure and daemon crash. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 81486 published 2015-02-24 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81486 title ISC BIND 9.10.x < 9.10.1-P2 DNSSEC Validation DoS NASL family DNS NASL id BIND9_996_P2.NASL description According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability due to an error relating to DNSSEC validation and the managed-keys feature. A remote attacker can trigger an incorrect trust-anchor management scenario in which no key is ready for use, resulting in an assertion failure and daemon crash. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 81489 published 2015-02-24 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81489 title ISC BIND 9.7.0.x < 9.9.6-P2 DNSSEC Validation DoS NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-1205-1.NASL description bind was updated to fix two security issues : CVE-2015-1349: A problem with trust anchor management could have caused named to crash (bsc#918330). CVE-2015-4620: Fix resolver crash when validating (bsc#936476). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 84633 published 2015-07-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84633 title SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:1205-1) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2015-0105.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2015-5477) - Fix (CVE-2015-4620) - Resolves: 1215687 - DNS resolution failure in high load environment with SERVFAIL and last seen 2020-06-01 modified 2020-06-02 plugin id 85146 published 2015-07-31 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85146 title OracleVM 3.3 : bind (OVMSA-2015-0105) NASL family DNS NASL id BIND9_996_S3_DNSCO.NASL description According to its self-reported version number, the remote installation of BIND (via DNSco) is potentially affected by a denial of service vulnerability due to an error relating to DNSSEC validation and the managed-keys feature. A remote attacker can trigger an incorrect trust-anchor management scenario in which no key is ready for use, resulting in an assertion failure and daemon crash. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 81488 published 2015-02-24 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81488 title ISC BIND 9.9.6-S2 DNSSEC Validation DoS NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-0672.NASL description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. (CVE-2015-1349) Red Hat would like to thank ISC for reporting this issue. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 81759 published 2015-03-12 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81759 title CentOS 6 / 7 : bind (CESA-2015:0672) NASL family Scientific Linux Local Security Checks NASL id SL_20150311_BIND_ON_SL6_X.NASL description A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. (CVE-2015-1349) After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-03-18 modified 2015-03-12 plugin id 81770 published 2015-03-12 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81770 title Scientific Linux Security Update : bind on SL6.x, SL7.x i386/x86_64 (20150311) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2015-111-01.NASL description New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 82914 published 2015-04-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82914 title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bind (SSA:2015-111-01) NASL family MacOS X Local Security Checks NASL id MACOSX_SERVER_5_0_3.NASL description The remote Mac OS X host has a version of OS X Server installed that is prior to 5.0.3. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the mod_headers module that allows HTTP trailers to replace HTTP headers late during request processing. A remote attacker can exploit this to inject arbitrary headers. This can also cause some modules to function incorrectly or appear to function incorrectly. (CVE-2013-5704) - A privilege escalation vulnerability exists due to the last seen 2020-06-01 modified 2020-06-02 plugin id 86066 published 2015-09-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/86066 title Mac OS X : OS X Server < 5.0.3 Multiple Vulnerabilities NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2020-0021.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details. last seen 2020-06-10 modified 2020-06-05 plugin id 137170 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137170 title OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021) NASL family DNS NASL id BIND9_9102_RC2.NASL description According to its self-reported version number, the remote installation of BIND is potentially affected by multiple vulnerabilities : - A flaw exists within the Domain Name Service due to an error in the code used to follow delegations. A remote attacker, with a maliciously-constructed zone or query, can cause the service to issue unlimited queries, resulting in resource exhaustion. (CVE-2014-8500) - Multiple flaws exist with GeoIP functionality. These flaws allow a remote attacker to cause a denial of service. Note that these issues only affect the 9.10.x branch. (CVE-2014-8680) - A denial of service vulnerability exists due to an error relating to DNSSEC validation and the managed-keys feature. A remote attacker can trigger an incorrect trust-anchor management scenario in which no key is ready for use, resulting in an assertion failure and daemon crash. (CVE-2015-1349) - An error exists related to handling the last seen 2020-06-01 modified 2020-06-02 plugin id 81487 published 2015-02-24 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81487 title ISC BIND 9.10.2 < 9.10.2rc2 Multiple Vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-0672.NASL description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. (CVE-2015-1349) Red Hat would like to thank ISC for reporting this issue. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 81750 published 2015-03-11 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81750 title RHEL 7 : bind (RHSA-2015:0672) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2015-490.NASL description A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. last seen 2020-06-01 modified 2020-06-02 plugin id 81826 published 2015-03-17 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81826 title Amazon Linux AMI : bind (ALAS-2015-490) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-163.NASL description Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator last seen 2020-03-17 modified 2015-03-26 plugin id 82147 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82147 title Debian DLA-163-1 : bind9 security update NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201510-01.NASL description The remote host is affected by the vulnerability described in GLSA-201510-01 (BIND: Denial of Service) A vulnerability has been discovered in BIND’s named utility leading to a Denial of Service condition. Impact : A remote attacker may be able to cause Denial of Service condition via specially constructed zone data. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 86435 published 2015-10-19 reporter This script is Copyright (C) 2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/86435 title GLSA-201510-01 : BIND: Denial of Service NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2503-1.NASL description Jan-Piet Mens discovered that Bind incorrectly handled Trust Anchor Management. A remote attacker could use this issue to cause bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 81412 published 2015-02-19 reporter Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81412 title Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : bind9 vulnerability (USN-2503-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3162.NASL description Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator last seen 2020-03-17 modified 2015-02-19 plugin id 81409 published 2015-02-19 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81409 title Debian DSA-3162-1 : bind9 - security update NASL family Fedora Local Security Checks NASL id FEDORA_2015-2543.NASL description This update fixes : - Bug #1193820 - CVE-2015-1349 bind: issue in trust anchor management can cause named to crash Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-03-06 plugin id 81656 published 2015-03-06 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81656 title Fedora 21 : bind-9.9.6-8.P1.fc21 (2015-2543) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2017-0066.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776) last seen 2020-06-01 modified 2020-06-02 plugin id 99569 published 2017-04-21 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99569 title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-0672.NASL description From Red Hat Security Advisory 2015:0672 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. (CVE-2015-1349) Red Hat would like to thank ISC for reporting this issue. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 81749 published 2015-03-11 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81749 title Oracle Linux 6 / 7 : bind (ELSA-2015-0672) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1433.NASL description According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.(CVE-2016-2776) - A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash.(CVE-2016-1285) - A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND (functioning as a DNS resolver with DNSSEC validation enabled) resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.(CVE-2015-4620) - A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet.(CVE-2015-5477) - A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.(CVE-2014-0591) - A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash.(CVE-2015-5722) - It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or named when using the last seen 2020-06-01 modified 2020-06-02 plugin id 124936 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124936 title EulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://advisories.mageia.org/MGASA-2015-0082.html
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150904.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150905.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html
- http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html
- http://marc.info/?l=bugtraq&m=143740940810833&w=2
- http://rhn.redhat.com/errata/RHSA-2015-0672.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:054
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:165
- http://www.ubuntu.com/usn/USN-2503-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1193820
- https://kb.isc.org/article/AA-01235
- https://kb.juniper.net/JSA10783
- https://kc.mcafee.com/corporate/index?page=content&id=SB10116
- https://security.gentoo.org/glsa/201510-01
- https://support.apple.com/HT205219