Vulnerabilities > CVE-2017-3145 - Use After Free vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-0488.NASL description An update for bind is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 108277 published 2018-03-13 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108277 title RHEL 7 : bind (RHSA-2018:0488) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:0488. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(108277); script_version("1.10"); script_cvs_date("Date: 2019/10/24 15:35:44"); script_cve_id("CVE-2017-3145"); script_xref(name:"RHSA", value:"2018:0488"); script_name(english:"RHEL 7 : bind (RHSA-2018:0488)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for bind is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:0488" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2017-3145" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-chroot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs-lite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-lite-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb-chroot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/16"); script_set_attribute(attribute:"patch_publication_date", value:"2018/03/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(7\.2|7\.3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.2 / 7.3", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2018:0488"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { sp = get_kb_item("Host/RedHat/minor_release"); if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); flag = 0; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-chroot-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-chroot-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-chroot-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-debuginfo-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-debuginfo-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-debuginfo-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-devel-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-devel-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-devel-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-libs-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-libs-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-libs-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-libs-lite-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-libs-lite-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-libs-lite-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-lite-devel-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-lite-devel-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-lite-devel-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-pkcs11-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-pkcs11-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-pkcs11-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-pkcs11-devel-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-pkcs11-devel-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-pkcs11-devel-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", reference:"bind-pkcs11-libs-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"i686", reference:"bind-pkcs11-libs-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-pkcs11-libs-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-pkcs11-utils-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-pkcs11-utils-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-pkcs11-utils-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-sdb-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-sdb-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-sdb-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-sdb-chroot-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-sdb-chroot-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-sdb-chroot-9.9.4-29.el7_2.8")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"s390x", reference:"bind-utils-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"3", cpu:"x86_64", reference:"bind-utils-9.9.4-50.el7_3.3")) flag++; if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"bind-utils-9.9.4-29.el7_2.8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc"); } }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-0487.NASL description An update for bind is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 108276 published 2018-03-13 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108276 title RHEL 6 : bind (RHSA-2018:0487) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:0487. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(108276); script_version("1.9"); script_cvs_date("Date: 2019/10/24 15:35:44"); script_cve_id("CVE-2017-3145"); script_xref(name:"RHSA", value:"2018:0487"); script_name(english:"RHEL 6 : bind (RHSA-2018:0487)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for bind is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:0487" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2017-3145" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-chroot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/16"); script_set_attribute(attribute:"patch_publication_date", value:"2018/03/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(6\.4|6\.5|6\.6|6\.7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.4 / 6.5 / 6.6 / 6.7", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2018:0487"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { sp = get_kb_item("Host/RedHat/minor_release"); if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); flag = 0; if (rpm_check(release:"RHEL6", sp:"7", cpu:"i686", reference:"bind-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"s390x", reference:"bind-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"x86_64", reference:"bind-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"i686", reference:"bind-chroot-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"s390x", reference:"bind-chroot-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-chroot-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-chroot-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"x86_64", reference:"bind-chroot-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-chroot-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"7", reference:"bind-debuginfo-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"i686", reference:"bind-debuginfo-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"i686", reference:"bind-debuginfo-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"bind-debuginfo-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-debuginfo-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-debuginfo-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-debuginfo-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"7", reference:"bind-devel-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"i686", reference:"bind-devel-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"i686", reference:"bind-devel-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"bind-devel-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-devel-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-devel-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-devel-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"7", reference:"bind-libs-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"i686", reference:"bind-libs-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"i686", reference:"bind-libs-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"bind-libs-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-libs-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-libs-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-libs-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"i686", reference:"bind-sdb-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"s390x", reference:"bind-sdb-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-sdb-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-sdb-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"x86_64", reference:"bind-sdb-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-sdb-9.8.2-0.23.rc1.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"i686", reference:"bind-utils-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"s390x", reference:"bind-utils-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"6", cpu:"x86_64", reference:"bind-utils-9.8.2-0.30.rc1.el6_6.10")) flag++; if (rpm_check(release:"RHEL6", sp:"4", cpu:"x86_64", reference:"bind-utils-9.8.2-0.17.rc1.el6_4.13")) flag++; if (rpm_check(release:"RHEL6", sp:"7", cpu:"x86_64", reference:"bind-utils-9.8.2-0.37.rc1.el6_7.12")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"bind-utils-9.8.2-0.23.rc1.el6_5.8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc"); } }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-0101.NASL description An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 106244 published 2018-01-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106244 title RHEL 6 : bind (RHSA-2018:0101) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:0101. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(106244); script_version("3.14"); script_cvs_date("Date: 2019/10/24 15:35:44"); script_cve_id("CVE-2017-3145"); script_xref(name:"RHSA", value:"2018:0101"); script_name(english:"RHEL 6 : bind (RHSA-2018:0101)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter." ); # https://kb.isc.org/article/AA-01542 script_set_attribute( attribute:"see_also", value:"https://kb.isc.org/docs/aa-01542" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:0101" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2017-3145" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-chroot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/16"); script_set_attribute(attribute:"patch_publication_date", value:"2018/01/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2018:0101"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-chroot-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-chroot-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-chroot-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", reference:"bind-debuginfo-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", reference:"bind-devel-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", reference:"bind-libs-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-sdb-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-sdb-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-sdb-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"bind-utils-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"bind-utils-9.8.2-0.62.rc1.el6_9.5")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"bind-utils-9.8.2-0.62.rc1.el6_9.5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc"); } }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-0102.NASL description From Red Hat Security Advisory 2018:0102 : An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 106240 published 2018-01-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106240 title Oracle Linux 7 : bind (ELSA-2018-0102) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-0101.NASL description From Red Hat Security Advisory 2018:0101 : An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 106239 published 2018-01-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106239 title Oracle Linux 6 : bind (ELSA-2018-0101) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0011_BIND.NASL description The remote NewStart CGSL host, running version MAIN 5.04, has bind packages installed that are affected by a vulnerability: - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127159 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127159 title NewStart CGSL MAIN 5.04 : bind Vulnerability (NS-SA-2019-0011) NASL family Scientific Linux Local Security Checks NASL id SL_20180122_BIND_ON_SL7_X.NASL description Security Fix(es) : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) last seen 2020-03-18 modified 2018-01-23 plugin id 106258 published 2018-01-23 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106258 title Scientific Linux Security Update : bind on SL7.x x86_64 (20180122) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0362-1.NASL description This update for bind fixes several issues. This security issue was fixed : - CVE-2017-3145: Improper sequencing during cleanup could have lead to a use-after-free error that triggered an assertion failure and crash in named (bsc#1076118). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 106618 published 2018-02-06 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106618 title SUSE SLES11 Security Update : bind (SUSE-SU-2018:0362-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3535-1.NASL description Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 106135 published 2018-01-18 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106135 title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : bind9 vulnerability (USN-3535-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1038.NASL description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-02-13 plugin id 106766 published 2018-02-13 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106766 title EulerOS 2.0 SP2 : bind (EulerOS-SA-2018-1038) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1376.NASL description According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was discovered in bind versions that include the last seen 2020-06-01 modified 2020-06-02 plugin id 124879 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124879 title EulerOS Virtualization for ARM 64 3.0.1.0 : bind (EulerOS-SA-2019-1376) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2018-954.NASL description Improper fetch cleanup sequencing in the resolver can cause named to crash : A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.(CVE-2017-3145) last seen 2020-06-01 modified 2020-06-02 plugin id 106931 published 2018-02-22 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106931 title Amazon Linux AMI : bind (ALAS-2018-954) NASL family DNS NASL id BIND9_CVE-2017-3145.NASL description According to its self-reported version, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.11-S2 or 9.9.11-P1, 9.10.x prior to 9.10.6-S2 or 9.10.6-P1, or 9.11.x prior to 9.11.2-P1. It is, therefore, affected by a remote denial of service vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 106200 published 2018-01-19 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106200 title ISC BIND 9 < 9.9.11-P1 / 9.9.11-S2 / 9.10.6-P1 / 9.10.6-S2 / 9.11.2-P1 / 9.12.0rc2 Multiple Vulnerabilities NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1037.NASL description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-02-13 plugin id 106765 published 2018-02-13 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106765 title EulerOS 2.0 SP1 : bind (EulerOS-SA-2018-1037) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0123_BIND.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has bind packages installed that are affected by a vulnerability: - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127370 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127370 title NewStart CGSL MAIN 4.05 : bind Vulnerability (NS-SA-2019-0123) NASL family Fedora Local Security Checks NASL id FEDORA_2018-97BDB9BA32.NASL description Upgrades to latest minor supported BIND. Includes first -P1 security release fixing CVE-2017-3145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-01-24 plugin id 106283 published 2018-01-24 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106283 title Fedora 27 : 32:bind / bind-dyndb-ldap / dnsperf (2018-97bdb9ba32) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0303-1.NASL description This update for bind fixes several issues. This security issue was fixed : - CVE-2017-3145: Improper sequencing during cleanup could have lead to a use-after-free error that triggered an assertion failure and crash in named (bsc#1076118). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 106531 published 2018-01-31 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106531 title SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2018:0303-1) NASL family Junos Local Security Checks NASL id JUNIPER_SPACE_JSA10917_184R1.NASL description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 121068 published 2019-01-10 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121068 title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-114.NASL description This update for bind fixes several issues. This security issue was fixed : - CVE-2017-3145: Improper sequencing during cleanup could have lead to a use-after-free error that triggered an assertion failure and crash in named (bsc#1076118). These non-security issues were fixed : - Updated named.root file (bsc#1040039) - Update bind.keys for DNSSEC root KSK rollover (bsc#1047184) This update was imported from the SUSE:SLE-12-SP1:Update update project. last seen 2020-06-05 modified 2018-02-01 plugin id 106545 published 2018-02-01 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106545 title openSUSE Security Update : bind (openSUSE-2018-114) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2020-0021.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details. last seen 2020-06-10 modified 2020-06-05 plugin id 137170 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137170 title OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-0102.NASL description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 106245 published 2018-01-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106245 title RHEL 7 : bind (RHSA-2018:0102) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4089.NASL description Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named. last seen 2020-06-01 modified 2020-06-02 plugin id 106076 published 2018-01-17 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106076 title Debian DSA-4089-1 : bind9 - security update NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2018-954.NASL description Improper fetch cleanup sequencing in the resolver can cause named to crash A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) last seen 2020-06-01 modified 2020-06-02 plugin id 109125 published 2018-04-18 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109125 title Amazon Linux 2 : bind (ALAS-2018-954) NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL08613310.NASL description BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. (CVE-2017-3145) Impact BIG-IP A remote attacker can use this flaw to make named , acting as a Domain Name System Security Extensions (DNSSEC) validating resolver, exit unexpectedly with an assertion failure by way of a specially crafted DNS request. This vulnerability affects BIND only when configured as a recursive resolver with DNSSEC validation enabled. That mode of operation is not present in any default configuration but can be enabled. ARX, Enterprise Manager, BIG-IQ, F5 iWorkflow, LineRate, and Traffix There is no impact; these F5 products are not affected by this vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 118626 published 2018-11-02 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118626 title F5 Networks BIG-IP : BIND vulnerability (K08613310) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1255.NASL description Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named. For Debian 7 last seen 2020-03-17 modified 2018-01-22 plugin id 106211 published 2018-01-22 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106211 title Debian DLA-1255-1 : bind9 security update NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2018-0014.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2017-3145) last seen 2020-06-01 modified 2020-06-02 plugin id 106291 published 2018-01-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106291 title OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0014) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2018-0252.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2018-5740) - Fix (CVE-2017-3145) - Change EDNS flags only after successful query (#1416035) - Fix crash in ldap driver at bind-sdb stop (#1426626) - Fix (CVE-2017-3142, CVE-2017-3143) - Update root servers and trust anchors - Fix DNSKEY that encountered a CNAME (#1447872, ISC change 3391) - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) last seen 2020-06-01 modified 2020-06-02 plugin id 112170 published 2018-08-29 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112170 title OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0252) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-0101.NASL description An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 106233 published 2018-01-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106233 title CentOS 6 : bind (CESA-2018:0101) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1433.NASL description According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.(CVE-2016-2776) - A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash.(CVE-2016-1285) - A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND (functioning as a DNS resolver with DNSSEC validation enabled) resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.(CVE-2015-4620) - A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet.(CVE-2015-5477) - A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.(CVE-2014-0591) - A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash.(CVE-2015-5722) - It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or named when using the last seen 2020-06-01 modified 2020-06-02 plugin id 124936 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124936 title EulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2018-017-01.NASL description New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 106106 published 2018-01-18 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106106 title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2018-017-01) NASL family Scientific Linux Local Security Checks NASL id SL_20180122_BIND_ON_SL6_X.NASL description Security Fix(es) : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) last seen 2020-03-18 modified 2018-01-23 plugin id 106257 published 2018-01-23 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106257 title Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20180122) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-0102.NASL description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. last seen 2020-06-01 modified 2020-06-02 plugin id 106234 published 2018-01-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106234 title CentOS 7 : bind (CESA-2018:0102) NASL family Fedora Local Security Checks NASL id FEDORA_2018-6550550774.NASL description Update to BIND 9.11.2-P1, fixing CVE-2017-3145. Also with rebase to current supported minor version. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-01-31 plugin id 106513 published 2018-01-31 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106513 title Fedora 26 : 32:bind / bind-dyndb-ldap / dnsperf (2018-6550550774)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
Related news
References
- http://www.securityfocus.com/bid/102716
- http://www.securityfocus.com/bid/102716
- http://www.securitytracker.com/id/1040195
- http://www.securitytracker.com/id/1040195
- https://access.redhat.com/errata/RHSA-2018:0101
- https://access.redhat.com/errata/RHSA-2018:0101
- https://access.redhat.com/errata/RHSA-2018:0102
- https://access.redhat.com/errata/RHSA-2018:0102
- https://access.redhat.com/errata/RHSA-2018:0487
- https://access.redhat.com/errata/RHSA-2018:0487
- https://access.redhat.com/errata/RHSA-2018:0488
- https://access.redhat.com/errata/RHSA-2018:0488
- https://kb.isc.org/docs/aa-01542
- https://kb.isc.org/docs/aa-01542
- https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html
- https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html
- https://security.netapp.com/advisory/ntap-20180117-0003/
- https://security.netapp.com/advisory/ntap-20180117-0003/
- https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named
- https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named
- https://www.debian.org/security/2018/dsa-4089
- https://www.debian.org/security/2018/dsa-4089