ID de Prueba:	1.3.6.1.4.1.25623.1.0.881311
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for bind CESA-2011:1496 centos4 x86_64
Resumen:	The remote host is missing an update for the 'bind'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory. Vulnerability Insight: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named), a resolver library (routines for applications to use when interfacing with DNS), and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically. Affected Software/OS: bind on CentOS 4 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4313 AIX APAR: IV11106 http://www-01.ibm.com/support/docview.wss?uid=isg1IV11106 AIX APAR: IV11248 http://www.ibm.com/support/docview.wss?uid=isg1IV11248 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html BugTraq ID: 50690 http://www.securityfocus.com/bid/50690 CERT/CC vulnerability note: VU#606539 http://www.kb.cert.org/vuls/id/606539 Debian Security Information: DSA-2347 (Google Search) http://www.debian.org/security/2011/dsa-2347 http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html FreeBSD Security Advisory: FreeBSD-SA-11:06 http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc HPdes Security Advisory: HPSBOV02774 http://marc.info/?l=bugtraq&m=133978480208466&w=2 HPdes Security Advisory: HPSBOV03226 http://marc.info/?l=bugtraq&m=141879471518471&w=2 HPdes Security Advisory: HPSBUX02729 http://marc.info/?l=bugtraq&m=132310123002302&w=2 HPdes Security Advisory: SSRT100684 HPdes Security Advisory: SSRT100687 HPdes Security Advisory: SSRT101004 http://www.mandriva.com/security/advisories?name=MDVSA-2011:176 http://osvdb.org/77159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14343 http://www.redhat.com/support/errata/RHSA-2011-1458.html http://www.redhat.com/support/errata/RHSA-2011-1459.html http://www.redhat.com/support/errata/RHSA-2011-1496.html http://www.securitytracker.com/id?1026335 http://secunia.com/advisories/46536 http://secunia.com/advisories/46829 http://secunia.com/advisories/46887 http://secunia.com/advisories/46890 http://secunia.com/advisories/46905 http://secunia.com/advisories/46906 http://secunia.com/advisories/46943 http://secunia.com/advisories/46984 http://secunia.com/advisories/47043 http://secunia.com/advisories/47075 http://secunia.com/advisories/48308 SuSE Security Announcement: SUSE-SU-2011:1268 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html SuSE Security Announcement: SUSE-SU-2011:1270 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00028.html SuSE Security Announcement: openSUSE-SU-2011:1272 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html http://www.ubuntu.com/usn/USN-1264-1 XForce ISS Database: isc-bind-recursive-dos(71332) https://exchange.xforce.ibmcloud.com/vulnerabilities/71332
Copyright	Copyright (c) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.