Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.106748
Kategorie:JunOS Local Security Checks
Titel:Junos Multiple BIND Vulnerabilities
Zusammenfassung:Junos OS is prone to multiple denial of service vulnerabilities in ISC;BIND named.
Beschreibung:Summary:
Junos OS is prone to multiple denial of service vulnerabilities in ISC
BIND named.

Vulnerability Insight:
Multiple vulnerabilities where found in the BIND version used by Junos OS:

- buffer.c in named in ISC BIND does not properly construct responses, which allows remote attackers to cause a
denial of service via a crafted query. (CVE-2016-2776)

- named in ISC BIND allows remote attackers to cause a denial of service via a DNAME record in the answer section
of a response to a recursive query, related to db.c and resolver.c. (CVE-2016-8864)

- named in ISC BIND allows remote attackers to cause a denial of service via a malformed response to an RTYPE ANY
query. (CVE-2016-9131)

- named in ISC BIND allows remote attackers to cause a denial of service via a response containing an
inconsistency among the DNSSEC-related RRsets. (CVE-2016-9147)

- named in ISC BIND allows remote attackers to cause a denial of service via a crafted DS resource record in an
answer. (CVE-2016-9444)

Vulnerability Impact:
An attacker may cause a denial of service condition.

Affected Software/OS:
Junos OS 12.1X46, 12.3X48 and 15.1X49.

Solution:
New builds of Junos OS software are available from Juniper. As a
workaround disable the DNS proxy service.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-2776
BugTraq ID: 93188
http://www.securityfocus.com/bid/93188
https://www.exploit-db.com/exploits/40453/
FreeBSD Security Advisory: FreeBSD-SA-16:34
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:28.bind.asc
https://security.gentoo.org/glsa/201610-07
RedHat Security Advisories: RHSA-2016:1944
http://rhn.redhat.com/errata/RHSA-2016-1944.html
RedHat Security Advisories: RHSA-2016:1945
http://rhn.redhat.com/errata/RHSA-2016-1945.html
RedHat Security Advisories: RHSA-2016:2099
http://rhn.redhat.com/errata/RHSA-2016-2099.html
http://www.securitytracker.com/id/1036903
Common Vulnerability Exposure (CVE) ID: CVE-2016-8864
BugTraq ID: 94067
http://www.securityfocus.com/bid/94067
Debian Security Information: DSA-3703 (Google Search)
http://www.debian.org/security/2016/dsa-3703
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:34.bind.asc
https://security.gentoo.org/glsa/201701-26
RedHat Security Advisories: RHSA-2016:2141
http://rhn.redhat.com/errata/RHSA-2016-2141.html
RedHat Security Advisories: RHSA-2016:2142
http://rhn.redhat.com/errata/RHSA-2016-2142.html
RedHat Security Advisories: RHSA-2016:2615
http://rhn.redhat.com/errata/RHSA-2016-2615.html
RedHat Security Advisories: RHSA-2016:2871
http://rhn.redhat.com/errata/RHSA-2016-2871.html
RedHat Security Advisories: RHSA-2017:1583
https://access.redhat.com/errata/RHSA-2017:1583
http://www.securitytracker.com/id/1037156
Common Vulnerability Exposure (CVE) ID: CVE-2016-9131
BugTraq ID: 95386
http://www.securityfocus.com/bid/95386
Debian Security Information: DSA-3758 (Google Search)
http://www.debian.org/security/2017/dsa-3758
https://security.gentoo.org/glsa/201708-01
RedHat Security Advisories: RHSA-2017:0062
http://rhn.redhat.com/errata/RHSA-2017-0062.html
http://www.securitytracker.com/id/1037582
Common Vulnerability Exposure (CVE) ID: CVE-2016-9147
BugTraq ID: 95390
http://www.securityfocus.com/bid/95390
RedHat Security Advisories: RHSA-2017:0063
http://rhn.redhat.com/errata/RHSA-2017-0063.html
RedHat Security Advisories: RHSA-2017:0064
http://rhn.redhat.com/errata/RHSA-2017-0064.html
RedHat Security Advisories: RHSA-2017:1582
https://access.redhat.com/errata/RHSA-2017:1582
Common Vulnerability Exposure (CVE) ID: CVE-2016-9444
BugTraq ID: 95393
http://www.securityfocus.com/bid/95393
CopyrightThis script is Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.