Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.72163
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2012:1267
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing updates announced in
advisory RHSA-2012:1267.

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named)
a resolver
library (routines for applications to use when interfacing with DNS)
and
tools for verifying that the DNS server is operating correctly.

A flaw was found in the way BIND handled resource records with a large
RDATA value. A malicious owner of a DNS domain could use this flaw to
create specially-crafted DNS resource records, that would cause a recursive
resolver or secondary server to exit unexpectedly with an assertion
failure. (CVE-2012-4244)

This update also fixes the following bug:

* The bind-chroot-admin script, executed when upgrading the bind-chroot
package, failed to correctly update the permissions of the
/var/named/chroot/etc/named.conf file. Depending on the permissions of the
file, this could have prevented named from starting after installing
package updates. With this update, bind-chroot-admin correctly updates the
permissions and ownership of the file. (BZ#857056)

Users of bind are advised to upgrade to these updated packages, which
correct these issues. After installing the update, the BIND daemon (named)
will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2012-1267.html
http://www.isc.org/software/bind/advisories/cve-2012-4244

Risk factor : High

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-4244
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
BugTraq ID: 55522
http://www.securityfocus.com/bid/55522
Debian Security Information: DSA-2547 (Google Search)
http://www.debian.org/security/2012/dsa-2547
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087703.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088381.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087697.html
HPdes Security Advisory: HPSBOV03226
http://marc.info/?l=bugtraq&m=141879471518471&w=2
HPdes Security Advisory: SSRT101004
http://www.mandriva.com/security/advisories?name=MDVSA-2012:152
RedHat Security Advisories: RHSA-2012:1266
http://rhn.redhat.com/errata/RHSA-2012-1266.html
RedHat Security Advisories: RHSA-2012:1267
http://rhn.redhat.com/errata/RHSA-2012-1267.html
RedHat Security Advisories: RHSA-2012:1268
http://rhn.redhat.com/errata/RHSA-2012-1268.html
RedHat Security Advisories: RHSA-2012:1365
http://rhn.redhat.com/errata/RHSA-2012-1365.html
http://secunia.com/advisories/50560
http://secunia.com/advisories/50579
http://secunia.com/advisories/50582
http://secunia.com/advisories/50645
http://secunia.com/advisories/50673
http://secunia.com/advisories/51096
SuSE Security Announcement: SUSE-SU-2012:1199 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00022.html
SuSE Security Announcement: SUSE-SU-2012:1333 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00007.html
SuSE Security Announcement: openSUSE-SU-2012:1192 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00021.html
http://www.ubuntu.com/usn/USN-1566-1
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.