English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.882346
Categoría:CentOS Local Security Checks
Título:CentOS Update for bind CESA-2015:2655 centos7
Resumen:Check the version of bind
Descripción:Summary:
Check the version of bind

Vulnerability Insight:
The Berkeley Internet Name Domain (BIND)
is an implementation of the Domain Name System (DNS) protocols. BIND includes
a DNS server (named) a resolver library (routines for applications to use when
interfacing with DNS) and tools for verifying that the DNS server is operating
correctly.

A denial of service flaw was found in the way BIND processed certain
records with malformed class attributes. A remote attacker could use this
flaw to send a query to request a cached record with a malformed class
attribute that would cause named functioning as an authoritative or
recursive server to crash. (CVE-2015-8000)

Note: This issue affects authoritative servers as well as recursive
servers, however authoritative servers are at limited risk if they perform
authentication when making recursive queries to resolve addresses for
servers listed in NS RRSETs.

Red Hat would like to thank ISC for reporting this issue.

All bind users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the BIND daemon (named) will be restarted automatically.

Affected Software/OS:
bind on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-8000
BugTraq ID: 79349
http://www.securityfocus.com/bid/79349
Debian Security Information: DSA-3420 (Google Search)
http://www.debian.org/security/2015/dsa-3420
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174143.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174520.html
HPdes Security Advisory: HPSBUX03552
http://marc.info/?l=bugtraq&m=145680832702035&w=2
HPdes Security Advisory: SSRT102983
http://packetstormsecurity.com/files/134882/FreeBSD-Security-Advisory-BIND-Denial-Of-Service.html
RedHat Security Advisories: RHSA-2015:2655
http://rhn.redhat.com/errata/RHSA-2015-2655.html
RedHat Security Advisories: RHSA-2015:2656
http://rhn.redhat.com/errata/RHSA-2015-2656.html
RedHat Security Advisories: RHSA-2015:2658
http://rhn.redhat.com/errata/RHSA-2015-2658.html
RedHat Security Advisories: RHSA-2016:0078
http://rhn.redhat.com/errata/RHSA-2016-0078.html
RedHat Security Advisories: RHSA-2016:0079
http://rhn.redhat.com/errata/RHSA-2016-0079.html
http://www.securitytracker.com/id/1034418
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966
SuSE Security Announcement: SUSE-SU-2015:2340 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00027.html
SuSE Security Announcement: SUSE-SU-2015:2341 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00028.html
SuSE Security Announcement: SUSE-SU-2015:2359 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.html
SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html
SuSE Security Announcement: openSUSE-SU-2015:2364 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.html
SuSE Security Announcement: openSUSE-SU-2015:2365 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.html
SuSE Security Announcement: openSUSE-SU-2015:2391 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.html
http://www.ubuntu.com/usn/USN-2837-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.