Vulnerabilities > CVE-2020-8616 - Resource Exhaustion vulnerability in multiple products

047910
CVSS 8.6 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
isc
debian
CWE-400
nessus

Summary

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

Vulnerable Configurations

Part Description Count
Application
Isc
1342
OS
Debian
2

Common Attack Pattern Enumeration and Classification (CAPEC)

  • XML Ping of the Death
    An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
  • XML Entity Expansion
    An attacker submits an XML document to a target application where the XML document uses nested entity expansion to produce an excessively large output XML. XML allows the definition of macro-like structures that can be used to simplify the creation of complex structures. However, this capability can be abused to create excessive demands on a processor's CPU and memory. A small number of nested expansions can result in an exponential growth in demands on memory.
  • Inducing Account Lockout
    An attacker leverages the security functionality of the system aimed at thwarting potential attacks to launch a denial of service attack against a legitimate system user. Many systems, for instance, implement a password throttling mechanism that locks an account after a certain number of incorrect log in attempts. An attacker can leverage this throttling mechanism to lock a legitimate user out of their own account. The weakness that is being leveraged by an attacker is the very security feature that has been put in place to counteract attacks.
  • Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS))
    XML Denial of Service (XDoS) can be applied to any technology that utilizes XML data. This is, of course, most distributed systems technology including Java, .Net, databases, and so on. XDoS is most closely associated with web services, SOAP, and Rest, because remote service requesters can post malicious XML payloads to the service provider designed to exhaust the service provider's memory, CPU, and/or disk space. The main weakness in XDoS is that the service provider generally must inspect, parse, and validate the XML messages to determine routing, workflow, security considerations, and so on. It is exactly these inspection, parsing, and validation routines that XDoS targets. There are three primary attack vectors that XDoS can navigate Target CPU through recursion: attacker creates a recursive payload and sends to service provider Target memory through jumbo payloads: service provider uses DOM to parse XML. DOM creates in memory representation of XML document, but when document is very large (for example, north of 1 Gb) service provider host may exhaust memory trying to build memory objects. XML Ping of death: attack service provider with numerous small files that clog the system. All of the above attacks exploit the loosely coupled nature of web services, where the service provider has little to no control over the service requester and any messages the service requester sends.

Nessus

  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2020-2344.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2344 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-10
    modified2020-06-02
    plugin id137007
    published2020-06-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137007
    titleCentOS 7 : bind (CESA-2020:2344)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2020:2344 and 
    # CentOS Errata and Security Advisory 2020:2344 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137007);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/09");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"RHSA", value:"2020:2344");
    
      script_name(english:"CentOS 7 : bind (CESA-2020:2344)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
    referenced in the RHSA-2020:2344 advisory.
    
      - bind: BIND does not sufficiently limit the number of
        fetches performed when processing referrals
        (CVE-2020-8616)
    
      - bind: A logic error in code which checks TSIG validity
        can be used to trigger an assertion failure in tsig.c
        (CVE-2020-8617)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number."
      );
      # https://lists.centos.org/pipermail/centos-announce/2020-June/035744.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9a940b1a"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-export-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-export-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-libs-lite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-license");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-lite-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-pkcs11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-pkcs11-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-pkcs11-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-pkcs11-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-sdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-sdb-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:bind-utils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-chroot-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-export-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-export-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-libs-lite-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-license-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-lite-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-pkcs11-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-pkcs11-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-pkcs11-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-pkcs11-utils-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-sdb-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-sdb-chroot-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"bind-utils-9.11.4-16.P2.el7_8.6")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-export-devel / etc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4689.NASL
    descriptionSeveral vulnerabilities were discovered in BIND, a DNS server implementation. - CVE-2019-6477 It was discovered that TCP-pipelined queries can bypass tcp-client limits resulting in denial of service. - CVE-2020-8616 It was discovered that BIND does not sufficiently limit the number of fetches performed when processing referrals. An attacker can take advantage of this flaw to cause a denial of service (performance degradation) or use the recursing server in a reflection attack with a high amplification factor. - CVE-2020-8617 It was discovered that a logic error in the code which checks TSIG validity can be used to trigger an assertion failure, resulting in denial of service.
    last seen2020-05-31
    modified2020-05-20
    plugin id136721
    published2020-05-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136721
    titleDebian DSA-4689-1 : bind9 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4689. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(136721);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/26");
    
      script_cve_id("CVE-2019-6477", "CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"DSA", value:"4689");
      script_xref(name:"IAVA", value:"2020-A-0217-S");
    
      script_name(english:"Debian DSA-4689-1 : bind9 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "Several vulnerabilities were discovered in BIND, a DNS server
    implementation.
    
      - CVE-2019-6477
        It was discovered that TCP-pipelined queries can bypass
        tcp-client limits resulting in denial of service.
    
      - CVE-2020-8616
        It was discovered that BIND does not sufficiently limit
        the number of fetches performed when processing
        referrals. An attacker can take advantage of this flaw
        to cause a denial of service (performance degradation)
        or use the recursing server in a reflection attack with
        a high amplification factor.
    
      - CVE-2020-8617
        It was discovered that a logic error in the code which
        checks TSIG validity can be used to trigger an assertion
        failure, resulting in denial of service."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945171"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-6477"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2020-8616"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2020-8617"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/bind9"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/bind9"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/buster/bind9"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2020/dsa-4689"
      );
      script_set_attribute(
        attribute:"solution",
        value:
    "Upgrade the bind9 packages.
    
    For the oldstable distribution (stretch), these problems have been
    fixed in version 1:9.10.3.dfsg.P4-12.3+deb9u6.
    
    For the stable distribution (buster), these problems have been fixed
    in version 1:9.11.5.P4+dfsg-5.1+deb10u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:bind9");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"10.0", prefix:"bind9", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"bind9-doc", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"bind9-host", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"bind9utils", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"dnsutils", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libbind-dev", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libbind-export-dev", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libbind9-161", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libdns-export1104", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libdns-export1104-udeb", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libdns1104", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libirs-export161", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libirs-export161-udeb", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libirs161", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisc-export1100", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisc-export1100-udeb", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisc1100", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisccc-export161", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisccc-export161-udeb", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisccc161", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisccfg-export163", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisccfg-export163-udeb", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libisccfg163", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"liblwres161", reference:"1:9.11.5.P4+dfsg-5.1+deb10u1")) flag++;
    if (deb_check(release:"9.0", prefix:"bind9", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"bind9-doc", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"bind9-host", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"bind9utils", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"dnsutils", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"host", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libbind-dev", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libbind-export-dev", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libbind9-140", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libdns-export162", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libdns-export162-udeb", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libdns162", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libirs-export141", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libirs-export141-udeb", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libirs141", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisc-export160", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisc-export160-udeb", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisc160", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisccc-export140", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisccc-export140-udeb", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisccc140", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisccfg-export140", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisccfg-export140-udeb", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"libisccfg140", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"liblwres141", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    if (deb_check(release:"9.0", prefix:"lwresd", reference:"1:9.10.3.dfsg.P4-12.3+deb9u6")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-3_0-0101_BINDUTILS.NASL
    descriptionAn update of the bindutils package has been released.
    last seen2020-06-10
    modified2020-06-06
    plugin id137187
    published2020-06-06
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137187
    titlePhoton OS 3.0: Bindutils PHSA-2020-3.0-0101
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2020-3.0-0101. The text
    # itself is copyright (C) VMware, Inc.
    
    include('compat.inc');
    
    if (description)
    {
      script_id(137187);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/08");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
    
      script_name(english:"Photon OS 3.0: Bindutils PHSA-2020-3.0-0101");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the bindutils package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-3.0-101.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/06");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:bindutils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:3.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 3\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 3.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"bindutils-9.16.3-1.ph3")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bindutils");
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2020-140-01.NASL
    descriptionNew bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen2020-05-31
    modified2020-05-20
    plugin id136728
    published2020-05-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136728
    titleSlackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2020-140-01)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Slackware Security Advisory 2020-140-01. The text 
    # itself is copyright (C) Slackware Linux, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(136728);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/26");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"SSA", value:"2020-140-01");
      script_xref(name:"IAVA", value:"2020-A-0217-S");
    
      script_name(english:"Slackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2020-140-01)");
      script_summary(english:"Checks for updated package in /var/log/packages");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Slackware host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "New bind packages are available for Slackware 14.0, 14.1, 14.2, and
    -current to fix security issues."
      );
      # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.487699
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a01a9f22"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected bind package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:bind");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Slackware Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("slackware.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
    if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
    
    
    flag = 0;
    if (slackware_check(osver:"14.0", pkgname:"bind", pkgver:"9.11.19", pkgarch:"i486", pkgnum:"1_slack14.0")) flag++;
    if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"bind", pkgver:"9.11.19", pkgarch:"x86_64", pkgnum:"1_slack14.0")) flag++;
    
    if (slackware_check(osver:"14.1", pkgname:"bind", pkgver:"9.11.19", pkgarch:"i486", pkgnum:"1_slack14.1")) flag++;
    if (slackware_check(osver:"14.1", arch:"x86_64", pkgname:"bind", pkgver:"9.11.19", pkgarch:"x86_64", pkgnum:"1_slack14.1")) flag++;
    
    if (slackware_check(osver:"14.2", pkgname:"bind", pkgver:"9.11.19", pkgarch:"i586", pkgnum:"1_slack14.2")) flag++;
    if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"bind", pkgver:"9.11.19", pkgarch:"x86_64", pkgnum:"1_slack14.2")) flag++;
    
    if (slackware_check(osver:"current", pkgname:"bind", pkgver:"9.16.3", pkgarch:"i586", pkgnum:"1")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"bind", pkgver:"9.16.3", pkgarch:"x86_64", pkgnum:"1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2383.NASL
    descriptionThe remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2383 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-10
    modified2020-06-03
    plugin id137070
    published2020-06-03
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137070
    titleRHEL 6 : bind (RHSA-2020:2383)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2020:2383. The text
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include('compat.inc');
    
    if (description)
    {
      script_id(137070);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/08");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"RHSA", value:"2020:2383");
    
      script_name(english:"RHEL 6 : bind (RHSA-2020:2383)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Red Hat host is missing one or more security updates.");
      script_set_attribute(attribute:"description", value:
    "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as
    referenced in the RHSA-2020:2383 advisory.
    
      - bind: BIND does not sufficiently limit the number of
        fetches performed when processing referrals
        (CVE-2020-8616)
    
      - bind: A logic error in code which checks TSIG validity
        can be used to trigger an assertion failure in tsig.c
        (CVE-2020-8617)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/400.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/617.html");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2383");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-8616");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-8617");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1836118");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1836124");
      script_set_attribute(attribute:"solution", value:
    "Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(400, 617);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/03");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::client");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::computenode");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::workstation");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-utils");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Red Hat Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    include('rpm.inc');
    
    if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item('Host/RedHat/release');
    if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);
    
    if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item('Host/cpu');
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
    
    pkgs = [
        {'reference':'bind-9.8.2-0.68.rc1.el6_10.7', 'cpu':'i686', 'release':'6', 'epoch':'32'},
        {'reference':'bind-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390x', 'release':'6', 'epoch':'32'},
        {'reference':'bind-9.8.2-0.68.rc1.el6_10.7', 'cpu':'x86_64', 'release':'6', 'epoch':'32'},
        {'reference':'bind-chroot-9.8.2-0.68.rc1.el6_10.7', 'cpu':'i686', 'release':'6', 'epoch':'32'},
        {'reference':'bind-chroot-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390x', 'release':'6', 'epoch':'32'},
        {'reference':'bind-chroot-9.8.2-0.68.rc1.el6_10.7', 'cpu':'x86_64', 'release':'6', 'epoch':'32'},
        {'reference':'bind-devel-9.8.2-0.68.rc1.el6_10.7', 'cpu':'i686', 'release':'6', 'epoch':'32'},
        {'reference':'bind-devel-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390', 'release':'6', 'epoch':'32'},
        {'reference':'bind-devel-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390x', 'release':'6', 'epoch':'32'},
        {'reference':'bind-devel-9.8.2-0.68.rc1.el6_10.7', 'cpu':'x86_64', 'release':'6', 'epoch':'32'},
        {'reference':'bind-libs-9.8.2-0.68.rc1.el6_10.7', 'cpu':'i686', 'release':'6', 'epoch':'32'},
        {'reference':'bind-libs-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390', 'release':'6', 'epoch':'32'},
        {'reference':'bind-libs-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390x', 'release':'6', 'epoch':'32'},
        {'reference':'bind-libs-9.8.2-0.68.rc1.el6_10.7', 'cpu':'x86_64', 'release':'6', 'epoch':'32'},
        {'reference':'bind-sdb-9.8.2-0.68.rc1.el6_10.7', 'cpu':'i686', 'release':'6', 'epoch':'32'},
        {'reference':'bind-sdb-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390x', 'release':'6', 'epoch':'32'},
        {'reference':'bind-sdb-9.8.2-0.68.rc1.el6_10.7', 'cpu':'x86_64', 'release':'6', 'epoch':'32'},
        {'reference':'bind-utils-9.8.2-0.68.rc1.el6_10.7', 'cpu':'i686', 'release':'6', 'epoch':'32'},
        {'reference':'bind-utils-9.8.2-0.68.rc1.el6_10.7', 'cpu':'s390x', 'release':'6', 'epoch':'32'},
        {'reference':'bind-utils-9.8.2-0.68.rc1.el6_10.7', 'cpu':'x86_64', 'release':'6', 'epoch':'32'}
    ];
    
    flag = 0;
    foreach package_array ( pkgs ) {
      reference = NULL;
      release = NULL;
      sp = NULL;
      cpu = NULL;
      el_string = NULL;
      rpm_spec_vers_cmp = NULL;
      epoch = NULL;
      allowmaj = NULL;
      if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
      if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
      if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
      if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
      if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
      if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
      if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
      if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
      if (reference && release) {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
      }
    }
    
    if (flag)
    {
      security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / etc');
    }
    
  • NASL familyDNS
    NASL idBIND9_9172.NASL
    descriptionA denial of service (DoS) vulnerability exists in ISC BIND versions 9.11.18 / 9.11.18-S1 / 9.12.4-P2 / 9.13 / 9.14.11 / 9.15 / 9.16.2 / 9.17 / 9.17.1 and earlier. An unauthenticated, remote attacker can exploit this issue, via a specially-crafted message, to cause the service to stop responding.
    last seen2020-05-31
    modified2020-05-22
    plugin id136808
    published2020-05-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136808
    titleISC BIND Denial of Service
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include('compat.inc');
    
    if (description)
    {
      script_id(136808);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/26");
    
      script_cve_id("CVE-2020-8617");
      script_xref(name:"IAVA", value:"2020-A-0217-S");
    
      script_name(english:"ISC BIND Denial of Service");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote name server is affected by an assertion failure vulnerability.");
      script_set_attribute(attribute:"description", value:
    "A denial of service (DoS) vulnerability exists in ISC BIND versions 9.11.18 / 9.11.18-S1 / 9.12.4-P2 / 9.13 / 9.14.11
    / 9.15 / 9.16.2 / 9.17 / 9.17.1 and earlier. An unauthenticated, remote attacker can exploit this issue, via a
    specially-crafted message, to cause the service to stop responding.");
      script_set_attribute(attribute:"see_also", value:"https://kb.isc.org/docs/cve-2020-8617");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to the patched release most closely related to your current version of BIND.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8616");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/22");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:isc:bind");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"DNS");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("bind_version.nasl");
      script_require_keys("bind/version");
    
      exit(0);
    }
    
    include('vcf.inc');
    include('vcf_extras.inc');
    
    vcf::bind::initialize();
    
    app_info = vcf::get_app_info(app:'BIND', port:53, kb_ver:'bind/version', service:TRUE, proto:'UDP');
    
    constraints = [
      { 'min_version' : '9.0.0', 'max_version' : '9.11.18', 'fixed_display' : '9.11.19' },
      { 'min_version' : '9.9.3-S1', 'max_version' : '9.11.18-S1', 'fixed_display' : '9.11.19-S1' },
      { 'min_version' : '9.14.0', 'max_version' : '9.14.11', 'fixed_display' : '9.14.12' },
      { 'min_version' : '9.16.0', 'max_version' : '9.16.2', 'fixed_display' : '9.16.3'},
      # The below have no fixed versions
      { 'min_version' : '9.12.0', 'max_version' : '9.12.4-P2', 'fixed_display' : 'Update to the latest available stable release' },
      { 'min_version' : '9.17.0', 'max_version' : '9.17.1', 'fixed_display' : 'Update to the latest available stable release' },
      { "min_version" : "9.13.0", "max_version" : "9.13.3" , 'fixed_display' : 'Update to the latest available stable release' },
      { "min_version" : "9.15.0", "max_version" : "9.15.7", 'fixed_display' : 'Update to the latest available stable release' }
    ];
    constraints = vcf::bind::filter_constraints(constraints:constraints, version:app_info.version);
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-2344.NASL
    descriptionFrom Red Hat Security Advisory 2020:2344 : The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2344 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-06-02
    plugin id137037
    published2020-06-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137037
    titleOracle Linux 7 : bind (ELSA-2020-2344)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2020:2344 and 
    # Oracle Linux Security Advisory ELSA-2020-2344 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137037);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"RHSA", value:"2020:2344");
    
      script_name(english:"Oracle Linux 7 : bind (ELSA-2020-2344)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "From Red Hat Security Advisory 2020:2344 :
    
    The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
    referenced in the RHSA-2020:2344 advisory.
    
      - bind: BIND does not sufficiently limit the number of
        fetches performed when processing referrals
        (CVE-2020-8616)
    
      - bind: A logic error in code which checks TSIG validity
        can be used to trigger an assertion failure in tsig.c
        (CVE-2020-8617)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2020-June/009985.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-export-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-export-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libs-lite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-license");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-lite-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-pkcs11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-pkcs11-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-pkcs11-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-pkcs11-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-sdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-sdb-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-utils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-chroot-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-export-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-export-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-libs-lite-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-license-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-lite-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-pkcs11-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-pkcs11-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-pkcs11-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-pkcs11-utils-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-sdb-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-sdb-chroot-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-utils-9.11.4-16.P2.el7_8.6")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-export-devel / etc");
    }
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-2_0-0249_BINDUTILS.NASL
    descriptionAn update of the bindutils package has been released.
    last seen2020-06-10
    modified2020-06-06
    plugin id137191
    published2020-06-06
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137191
    titlePhoton OS 2.0: Bindutils PHSA-2020-2.0-0249
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2020-2.0-0249. The text
    # itself is copyright (C) VMware, Inc.
    
    include('compat.inc');
    
    if (description)
    {
      script_id(137191);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/08");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
    
      script_name(english:"Photon OS 2.0: Bindutils PHSA-2020-2.0-0249");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the bindutils package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-2-249.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/06");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:bindutils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-2.0", cpu:"x86_64", reference:"bindutils-9.16.3-1.ph2")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bindutils");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20200601_BIND_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617)
    last seen2020-06-06
    modified2020-06-02
    plugin id137041
    published2020-06-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137041
    titleScientific Linux Security Update : bind on SL7.x x86_64 (20200601)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137041);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
    
      script_name(english:"Scientific Linux Security Update : bind on SL7.x x86_64 (20200601)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "Security Fix(es) :
    
      - bind: BIND does not sufficiently limit the number of
        fetches performed when processing referrals
        (CVE-2020-8616)
    
      - bind: A logic error in code which checks TSIG validity
        can be used to trigger an assertion failure in tsig.c
        (CVE-2020-8617)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2006&L=SCIENTIFIC-LINUX-ERRATA&P=388
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?75e6cb87"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-export-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-export-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-libs-lite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-license");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-lite-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-pkcs11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-pkcs11-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-pkcs11-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-pkcs11-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-sdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-sdb-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bind-utils");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-chroot-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-debuginfo-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-export-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-export-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-libs-lite-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", reference:"bind-license-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-lite-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-pkcs11-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-pkcs11-devel-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-pkcs11-libs-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-pkcs11-utils-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-sdb-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-sdb-chroot-9.11.4-16.P2.el7_8.6")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bind-utils-9.11.4-16.P2.el7_8.6")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-1350-1.NASL
    descriptionThis update for bind fixes the following issues : Security issues fixed : CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals (bsc#1171740). CVE-2020-8617: Fixed a logic error in code which checks TSIG validity (bsc#1171740). Non-security issue fixed : Fixed an invalid string comparison in the handling of cookie-secrets (bsc#1161168). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-22
    plugin id136799
    published2020-05-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136799
    titleSUSE SLES12 Security Update : bind (SUSE-SU-2020:1350-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2020:1350-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(136799);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/26");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"IAVA", value:"2020-A-0217-S");
    
      script_name(english:"SUSE SLES12 Security Update : bind (SUSE-SU-2020:1350-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "This update for bind fixes the following issues :
    
    Security issues fixed :
    
    CVE-2020-8616: Fixed the insufficient limit on the number of fetches
    performed when processing referrals (bsc#1171740).
    
    CVE-2020-8617: Fixed a logic error in code which checks TSIG validity
    (bsc#1171740).
    
    Non-security issue fixed :
    
    Fixed an invalid string comparison in the handling of cookie-secrets
    (bsc#1161168).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1161168"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1171740"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-8616/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-8617/"
      );
      # https://www.suse.com/support/update/announcement/2020/suse-su-20201350-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?05d114ef"
      );
      script_set_attribute(
        attribute:"solution",
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP5 :
    
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1350=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP4 :
    
    zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1350=1
    
    SUSE Linux Enterprise Server 12-SP5 :
    
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1350=1
    
    SUSE Linux Enterprise Server 12-SP4 :
    
    zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1350=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-chrootenv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-utils-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libbind9");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libbind9-160-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdns169");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdns169-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libirs160");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libirs160-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisc166");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisc166-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccc160");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccc160-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccfg160");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccfg160-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liblwres160");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liblwres160-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/05/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(4|5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4/5", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"4", reference:"bind-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"bind-chrootenv-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"bind-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"bind-debugsource-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"bind-utils-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"bind-utils-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libbind9-160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libbind9-160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libdns169-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libdns169-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libirs160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libirs160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisccc160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisccc160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisccfg160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisccfg160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"liblwres160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"liblwres160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-32bit-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-debuginfo-32bit-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"bind-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"bind-chrootenv-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"bind-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"bind-debugsource-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"bind-utils-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"bind-utils-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libbind9-160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libbind9-160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libdns169-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libdns169-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libirs160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libirs160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisc166-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisc166-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisccc160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisccc160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisccfg160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisccfg160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"liblwres160-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"liblwres160-debuginfo-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisc166-32bit-9.11.2-3.17.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libisc166-debuginfo-32bit-9.11.2-3.17.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2020-1369.NASL
    descriptionA malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.(CVE-2020-8616) Using a specially crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.(CVE-2020-8617)
    last seen2020-06-10
    modified2020-06-04
    plugin id137092
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137092
    titleAmazon Linux AMI : bind (ALAS-2020-1369)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2020-1369.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137092);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/09");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
      script_xref(name:"ALAS", value:"2020-1369");
    
      script_name(english:"Amazon Linux AMI : bind (ALAS-2020-1369)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "A malicious actor who intentionally exploits this lack of effective
    limitation on the number of fetches performed when processing
    referrals can, through the use of specially crafted referrals, cause a
    recursing server to issue a very large number of fetches in an attempt
    to process the referral. This has at least two potential effects: The
    performance of the recursing server can potentially be degraded by the
    additional work required to perform these fetches, and The attacker
    can exploit this behavior to use the recursing server as a reflector
    in a reflection attack with a high amplification
    factor.(CVE-2020-8616)
    
    Using a specially crafted message, an attacker may potentially cause a
    BIND server to reach an inconsistent state if the attacker knows (or
    successfully guesses) the name of a TSIG key used by the server. Since
    BIND, by default, configures a local session key even on servers whose
    configuration does not otherwise make use of it, almost all current
    BIND servers are vulnerable. In releases of BIND dating from March
    2018 and after, an assertion check in tsig.c detects this inconsistent
    state and deliberately exits. Prior to the introduction of the check
    the server would continue operating in an inconsistent state, with
    potentially harmful results.(CVE-2020-8617)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2020-1369.html"
      );
      script_set_attribute(
        attribute:"solution",
        value:"Run 'yum update bind' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind-sdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bind-utils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"bind-9.8.2-0.68.rc1.64.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"bind-chroot-9.8.2-0.68.rc1.64.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"bind-debuginfo-9.8.2-0.68.rc1.64.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"bind-devel-9.8.2-0.68.rc1.64.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"bind-libs-9.8.2-0.68.rc1.64.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"bind-sdb-9.8.2-0.68.rc1.64.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"bind-utils-9.8.2-0.68.rc1.64.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc");
    }
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-1_0-0298_BINDUTILS.NASL
    descriptionAn update of the bindutils package has been released.
    last seen2020-06-12
    modified2020-06-10
    plugin id137318
    published2020-06-10
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137318
    titlePhoton OS 1.0: Bindutils PHSA-2020-1.0-0298
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2020-1.0-0298. The text
    # itself is copyright (C) VMware, Inc.
    
    include('compat.inc');
    
    if (description)
    {
      script_id(137318);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/11");
    
      script_cve_id("CVE-2020-8616", "CVE-2020-8617");
    
      script_name(english:"Photon OS 1.0: Bindutils PHSA-2020-1.0-0298");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the bindutils package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-1.0-298.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8617");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/10");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:bindutils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-1.0", cpu:"x86_64", reference:"bindutils-9.16.3-1.ph1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bindutils");
    }
    
  • NASL familyDNS
    NASL idBIND9_CVE-2020-8616.NASL
    descriptionAccording to its self-reported version, the instance of ISC BIND 9 running on the remote name server is affected by performance downgrade and Reflected DoS vulnerabilities. This is due to BIND DNS not sufficiently limiting the number fetches which may be performed while processing a referral response. An unauthenticated, remote attacker can exploit this to cause degrade the service of the recursive server or to use the affected server as a reflector in a reflection attack.
    last seen2020-05-31
    modified2020-05-22
    plugin id136769
    published2020-05-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136769
    titleISC BIND Service Downgrade / Reflected DoS
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20200603_BIND_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617)
    last seen2020-06-10
    modified2020-06-05
    plugin id137174
    published2020-06-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137174
    titleScientific Linux Security Update : bind on SL6.x i386/x86_64 (20200603)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-2338.NASL
    descriptionDescription of changes: [32:9.11.13-5] - Limit number of queries triggered by a request (CVE-2020-8616) [32:9.11.13-4] - Fix invalid tsig request (CVE-2020-8617)
    last seen2020-06-11
    modified2020-06-08
    plugin id137219
    published2020-06-08
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137219
    titleOracle Linux 8 : bind (ELSA-2020-2338)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2345.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2345 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-05
    modified2020-06-03
    plugin id137063
    published2020-06-03
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137063
    titleRHEL 8 : bind (RHSA-2020:2345)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2020-0021.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details.
    last seen2020-06-10
    modified2020-06-05
    plugin id137170
    published2020-06-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137170
    titleOracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-2D89CBCFD9.NASL
    descriptionLatest security update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-10
    modified2020-06-04
    plugin id137108
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137108
    titleFedora 32 : 32:bind (2020-2d89cbcfd9)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-2227.NASL
    descriptionSeveral vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2020-8616 It was discovered that BIND does not sufficiently limit the number of fetches performed when processing referrals. An attacker can take advantage of this flaw to cause a denial of service (performance degradation) or use the recursing server in a reflection attack with a high amplification factor. CVE-2020-8617 It was discovered that a logic error in the code which checks TSIG validity can be used to trigger an assertion failure, resulting in denial of service. For Debian 8
    last seen2020-06-06
    modified2020-06-01
    plugin id136983
    published2020-06-01
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136983
    titleDebian DLA-2227-1 : bind9 security update
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4365-1.NASL
    descriptionLior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. (CVE-2020-8616) Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. (CVE-2020-8617). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-20
    plugin id136730
    published2020-05-20
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136730
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.10 / 20.04 : bind9 vulnerabilities (USN-4365-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-F9DCD4E9D5.NASL
    descriptionLatest minor release with security updates. - [Upstream release notes](https://downloads.isc.org/isc/bind9/9.11.19/RELEA SE-NOTES-bind-9.11.19.html) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-10
    modified2020-06-04
    plugin id137124
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137124
    titleFedora 31 : 32:bind / bind-dyndb-ldap / dnsperf (2020-f9dcd4e9d5)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-2383.NASL
    descriptionFrom Red Hat Security Advisory 2020:2383 : The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2383 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-10
    modified2020-06-04
    plugin id137129
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137129
    titleOracle Linux 6 : bind (ELSA-2020-2383)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2020-1426.NASL
    descriptionAn assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially crafted message, potentially causing a BIND server to reach an inconsistent state or cause a denial of service. A majority of BIND servers have an internally-generated TSIG session key whose name is trivially guessable, and that key exposes the vulnerability unless specifically disabled. (CVE-2020-8617) A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. (CVE-2020-8616)
    last seen2020-05-31
    modified2020-05-21
    plugin id136749
    published2020-05-21
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136749
    titleAmazon Linux 2 : bind (ALAS-2020-1426)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2020-2383.NASL
    descriptionThe remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2383 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-10
    modified2020-06-05
    plugin id137151
    published2020-06-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137151
    titleCentOS 6 : bind (CESA-2020:2383)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2404.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2404 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-10
    modified2020-06-05
    plugin id137139
    published2020-06-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137139
    titleRHEL 8 : bind (RHSA-2020:2404)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL97810133.NASL
    descriptionA malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and the attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.(CVE-2020-8616) For more information, refer toISC Security Advisory CVE-2020-8616 and the academic paper, NXNSAttack, prepared by the discoverers and reporters of this vulnerability. Note : These links takeyou to resources outside of AskF5, and it is possible that the documents may be removed without our knowledge. Impact This vulnerability has at least two potential effects: the performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and the attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. An attacker could exploit this vulnerability to generate a large number of communications between the BIG-IP system and the victim
    last seen2020-06-13
    modified2020-06-12
    plugin id137378
    published2020-06-12
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137378
    titleF5 Networks BIG-IP : BIND vulnerability (K97810133)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2344.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2344 advisory. - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-10
    modified2020-06-03
    plugin id137082
    published2020-06-03
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137082
    titleRHEL 7 : bind (RHSA-2020:2344)

Redhat

rpms
  • bind-32:9.11.13-5.el8_2
  • bind-chroot-32:9.11.13-5.el8_2
  • bind-debuginfo-32:9.11.13-5.el8_2
  • bind-debugsource-32:9.11.13-5.el8_2
  • bind-devel-32:9.11.13-5.el8_2
  • bind-export-devel-32:9.11.13-5.el8_2
  • bind-export-libs-32:9.11.13-5.el8_2
  • bind-export-libs-debuginfo-32:9.11.13-5.el8_2
  • bind-libs-32:9.11.13-5.el8_2
  • bind-libs-debuginfo-32:9.11.13-5.el8_2
  • bind-libs-lite-32:9.11.13-5.el8_2
  • bind-libs-lite-debuginfo-32:9.11.13-5.el8_2
  • bind-license-32:9.11.13-5.el8_2
  • bind-lite-devel-32:9.11.13-5.el8_2
  • bind-pkcs11-32:9.11.13-5.el8_2
  • bind-pkcs11-debuginfo-32:9.11.13-5.el8_2
  • bind-pkcs11-devel-32:9.11.13-5.el8_2
  • bind-pkcs11-libs-32:9.11.13-5.el8_2
  • bind-pkcs11-libs-debuginfo-32:9.11.13-5.el8_2
  • bind-pkcs11-utils-32:9.11.13-5.el8_2
  • bind-pkcs11-utils-debuginfo-32:9.11.13-5.el8_2
  • bind-sdb-32:9.11.13-5.el8_2
  • bind-sdb-chroot-32:9.11.13-5.el8_2
  • bind-sdb-debuginfo-32:9.11.13-5.el8_2
  • bind-utils-32:9.11.13-5.el8_2
  • bind-utils-debuginfo-32:9.11.13-5.el8_2
  • python3-bind-32:9.11.13-5.el8_2
  • bind-32:9.11.4-16.P2.el7_8.6
  • bind-chroot-32:9.11.4-16.P2.el7_8.6
  • bind-debuginfo-32:9.11.4-16.P2.el7_8.6
  • bind-devel-32:9.11.4-16.P2.el7_8.6
  • bind-export-devel-32:9.11.4-16.P2.el7_8.6
  • bind-export-libs-32:9.11.4-16.P2.el7_8.6
  • bind-libs-32:9.11.4-16.P2.el7_8.6
  • bind-libs-lite-32:9.11.4-16.P2.el7_8.6
  • bind-license-32:9.11.4-16.P2.el7_8.6
  • bind-lite-devel-32:9.11.4-16.P2.el7_8.6
  • bind-pkcs11-32:9.11.4-16.P2.el7_8.6
  • bind-pkcs11-devel-32:9.11.4-16.P2.el7_8.6
  • bind-pkcs11-libs-32:9.11.4-16.P2.el7_8.6
  • bind-pkcs11-utils-32:9.11.4-16.P2.el7_8.6
  • bind-sdb-32:9.11.4-16.P2.el7_8.6
  • bind-sdb-chroot-32:9.11.4-16.P2.el7_8.6
  • bind-utils-32:9.11.4-16.P2.el7_8.6
  • bind-32:9.11.4-26.P2.el8_1.3
  • bind-chroot-32:9.11.4-26.P2.el8_1.3
  • bind-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-debugsource-32:9.11.4-26.P2.el8_1.3
  • bind-devel-32:9.11.4-26.P2.el8_1.3
  • bind-export-devel-32:9.11.4-26.P2.el8_1.3
  • bind-export-libs-32:9.11.4-26.P2.el8_1.3
  • bind-export-libs-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-libs-32:9.11.4-26.P2.el8_1.3
  • bind-libs-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-libs-lite-32:9.11.4-26.P2.el8_1.3
  • bind-libs-lite-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-license-32:9.11.4-26.P2.el8_1.3
  • bind-lite-devel-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-devel-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-libs-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-libs-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-utils-32:9.11.4-26.P2.el8_1.3
  • bind-pkcs11-utils-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-sdb-32:9.11.4-26.P2.el8_1.3
  • bind-sdb-chroot-32:9.11.4-26.P2.el8_1.3
  • bind-sdb-debuginfo-32:9.11.4-26.P2.el8_1.3
  • bind-utils-32:9.11.4-26.P2.el8_1.3
  • bind-utils-debuginfo-32:9.11.4-26.P2.el8_1.3
  • python3-bind-32:9.11.4-26.P2.el8_1.3
  • bind-32:9.8.2-0.68.rc1.el6_10.7
  • bind-chroot-32:9.8.2-0.68.rc1.el6_10.7
  • bind-debuginfo-32:9.8.2-0.68.rc1.el6_10.7
  • bind-devel-32:9.8.2-0.68.rc1.el6_10.7
  • bind-libs-32:9.8.2-0.68.rc1.el6_10.7
  • bind-sdb-32:9.8.2-0.68.rc1.el6_10.7
  • bind-utils-32:9.8.2-0.68.rc1.el6_10.7
  • bind-32:9.11.4-19.P2.el8_0
  • bind-chroot-32:9.11.4-19.P2.el8_0
  • bind-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-debugsource-32:9.11.4-19.P2.el8_0
  • bind-devel-32:9.11.4-19.P2.el8_0
  • bind-export-devel-32:9.11.4-19.P2.el8_0
  • bind-export-libs-32:9.11.4-19.P2.el8_0
  • bind-export-libs-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-libs-32:9.11.4-19.P2.el8_0
  • bind-libs-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-libs-lite-32:9.11.4-19.P2.el8_0
  • bind-libs-lite-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-license-32:9.11.4-19.P2.el8_0
  • bind-lite-devel-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-devel-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-libs-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-libs-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-utils-32:9.11.4-19.P2.el8_0
  • bind-pkcs11-utils-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-sdb-32:9.11.4-19.P2.el8_0
  • bind-sdb-chroot-32:9.11.4-19.P2.el8_0
  • bind-sdb-debuginfo-32:9.11.4-19.P2.el8_0
  • bind-utils-32:9.11.4-19.P2.el8_0
  • bind-utils-debuginfo-32:9.11.4-19.P2.el8_0
  • python3-bind-32:9.11.4-19.P2.el8_0

References