ID CVE-2009-0696
Summary The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
References
Vulnerable Configurations
  • ISC BIND 9.4
    cpe:2.3:a:isc:bind:9.4
  • ISC BIND 9.4.0
    cpe:2.3:a:isc:bind:9.4.0
  • ISC BIND 9.4.0 Alpha 1
    cpe:2.3:a:isc:bind:9.4.0:a1
  • ISC BIND 9.4.0 Alpha 2
    cpe:2.3:a:isc:bind:9.4.0:a2
  • ISC BIND 9.4.0 Alpha 3
    cpe:2.3:a:isc:bind:9.4.0:a3
  • ISC BIND 9.4.0 Alpha 4
    cpe:2.3:a:isc:bind:9.4.0:a4
  • ISC BIND 9.4.0 Alpha 5
    cpe:2.3:a:isc:bind:9.4.0:a5
  • ISC BIND 9.4.0 Alpha 6
    cpe:2.3:a:isc:bind:9.4.0:a6
  • ISC BIND 9.4.0 Beta 1
    cpe:2.3:a:isc:bind:9.4.0:b1
  • ISC BIND 9.4.0 Beta 2
    cpe:2.3:a:isc:bind:9.4.0:b2
  • ISC BIND 9.4.0 Beta 3
    cpe:2.3:a:isc:bind:9.4.0:b3
  • ISC BIND 9.4.0 Beta 4
    cpe:2.3:a:isc:bind:9.4.0:b4
  • ISC BIND 9.4.0rc1
    cpe:2.3:a:isc:bind:9.4.0:rc1
  • ISC BIND 9.4.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.0:rc2
  • ISC BIND 9.4.1
    cpe:2.3:a:isc:bind:9.4.1
  • ISC BIND 9.4.2
    cpe:2.3:a:isc:bind:9.4.2
  • ISC BIND 9.4.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.4.2:rc1
  • ISC BIND 9.4.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.2:rc2
  • ISC BIND 9.4.3
    cpe:2.3:a:isc:bind:9.4.3
  • ISC BIND 9.4.3 Beta 1
    cpe:2.3:a:isc:bind:9.4.3:b1
  • ISC BIND 9.4.3 Beta 2
    cpe:2.3:a:isc:bind:9.4.3:b2
  • ISC BIND 9.4.3 Beta 3
    cpe:2.3:a:isc:bind:9.4.3:b3
  • ISC BIND 9.4.3 Patch 2
    cpe:2.3:a:isc:bind:9.4.3:p2
  • ISC BIND 9.5
    cpe:2.3:a:isc:bind:9.5
  • ISC BIND 9.5.0
    cpe:2.3:a:isc:bind:9.5.0
  • ISC BIND 9.5.0 Alpha 1
    cpe:2.3:a:isc:bind:9.5.0:a1
  • ISC BIND 9.5.0 Alpha 2
    cpe:2.3:a:isc:bind:9.5.0:a2
  • ISC BIND 9.5.0 Alpha 3
    cpe:2.3:a:isc:bind:9.5.0:a3
  • ISC BIND 9.5.0 Alpha 4
    cpe:2.3:a:isc:bind:9.5.0:a4
  • ISC BIND 9.5.0 Alpha 5
    cpe:2.3:a:isc:bind:9.5.0:a5
  • ISC BIND 9.5.0 Alpha 6
    cpe:2.3:a:isc:bind:9.5.0:a6
  • ISC BIND 9.5.0 Alpha 7
    cpe:2.3:a:isc:bind:9.5.0:a7
  • ISC BIND 9.5.0 Beta 1
    cpe:2.3:a:isc:bind:9.5.0:b1
  • ISC BIND 9.5.0 Beta 2
    cpe:2.3:a:isc:bind:9.5.0:b2
  • ISC BIND 9.5.0 Beta 3
    cpe:2.3:a:isc:bind:9.5.0:b3
  • ISC BIND 9.5.0 Patch 1
    cpe:2.3:a:isc:bind:9.5.0:p1
  • ISC BIND 9.5.0 Patch 2
    cpe:2.3:a:isc:bind:9.5.0:p2
  • ISC BIND 9.5.0 Patch 2 W1
    cpe:2.3:a:isc:bind:9.5.0:p2_w1
  • ISC BIND 9.5.0 Patch 2 W2
    cpe:2.3:a:isc:bind:9.5.0:p2_w2
  • ISC BIND 9.6 Extended Support Version
    cpe:2.3:a:isc:bind:9.6:-:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 1
    cpe:2.3:a:isc:bind:9.6:r1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 2
    cpe:2.3:a:isc:bind:9.6:r2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 3
    cpe:2.3:a:isc:bind:9.6:r3:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4
    cpe:2.3:a:isc:bind:9.6:r4:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4 Patch 1
    cpe:2.3:a:isc:bind:9.6:r4_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5
    cpe:2.3:a:isc:bind:9.6:r5:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Beta 1
    cpe:2.3:a:isc:bind:9.6:r5_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Patch 1
    cpe:2.3:a:isc:bind:9.6:r5_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6
    cpe:2.3:a:isc:bind:9.6:r6:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Beta 1
    cpe:2.3:a:isc:bind:9.6:r6_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6:r6_rc1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.6:r6_rc2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7
    cpe:2.3:a:isc:bind:9.6:r7:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 1
    cpe:2.3:a:isc:bind:9.6:r7_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 2
    cpe:2.3:a:isc:bind:9.6:r7_p2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9
    cpe:2.3:a:isc:bind:9.6:r9:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9 Patch 1
    cpe:2.3:a:isc:bind:9.6:r9_p1:-:-:esv
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6.0 Alpha 1
    cpe:2.3:a:isc:bind:9.6.0:a1
  • ISC BIND 9.6.0 Beta 1
    cpe:2.3:a:isc:bind:9.6.0:b1
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.1 Beta 1
    cpe:2.3:a:isc:bind:9.6.1:b1
CVSS
Base: 4.3 (as of 04-04-2016 - 10:28)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC. CVE-2009-0696. Dos exploits for multiple platform
id EDB-ID:9300
last seen 2016-02-01
modified 2009-07-30
published 2009-07-30
reporter kingcope
source https://www.exploit-db.com/download/9300/
title ISC BIND 9 - Remote Dynamic Update Message Denial of Service PoC
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_109326.NASL
    description SunOS 5.8: libresolv.so.2, in.named and BI. Date this patch was last updated by Sun : Mar/09/09
    last seen 2018-09-01
    modified 2016-12-12
    plugin id 13321
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13321
    title Solaris 8 (sparc) : 109326-24
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_112837.NASL
    description SunOS 5.9: in.dhcpd libresolv and BIND9 pa. Date this patch was last updated by Sun : Jul/21/11
    last seen 2018-09-02
    modified 2016-12-12
    plugin id 26165
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26165
    title Solaris 9 (sparc) : 112837-24
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_114265.NASL
    description SunOS 5.9_x86: in.dhcpd libresolv and BIND. Date this patch was last updated by Sun : Jul/21/11
    last seen 2018-09-01
    modified 2016-12-12
    plugin id 27094
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27094
    title Solaris 9 (x86) : 114265-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. This plugin has been deprecated and either replaced with individual 119784 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 25542
    published 2007-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25542
    title Solaris 10 (x86) : 119784-40 (deprecated)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2009-0016_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - Apache Geronimo - Apache Tomcat - Apache Xerces2 - cURL/libcURL - ISC BIND - Libxml2 - Linux kernel - Linux kernel 64-bit - Linux kernel Common Internet File System - Linux kernel eCryptfs - NTP - Python - Java Runtime Environment (JRE) - Java SE Development Kit (JDK) - Java SE Abstract Window Toolkit (AWT) - Java SE Plugin - Java SE Provider - Java SE Swing - Java SE Web Start
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89117
    published 2016-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89117
    title VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12462.NASL
    description Specially crafted ddns update packets could trigger an exception in bind causing it to exit. The attack works if bind is master for a zone even if ddns is not configured (CVE-2009-0696). This has been fixed.
    last seen 2019-02-21
    modified 2012-06-14
    plugin id 41316
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41316
    title SuSE9 Security Update : bind (YOU Patch Number 12462)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-181.NASL
    description A vulnerability has been found and corrected in ISC BIND : The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009 (CVE-2009-0696). This update provides fixes for this vulnerability.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 40430
    published 2009-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40430
    title Mandriva Linux Security Advisory : bind (MDVSA-2009:181)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-31.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107838
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107838
    title Solaris 10 (x86) : 119784-31
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-40.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107845
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107845
    title Solaris 10 (x86) : 119784-40
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-30.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107334
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107334
    title Solaris 10 (sparc) : 119783-30
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-32.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107839
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107839
    title Solaris 10 (x86) : 119784-32
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-39.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107844
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107844
    title Solaris 10 (x86) : 119784-39
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-32.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107336
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107336
    title Solaris 10 (sparc) : 119783-32
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. This plugin has been deprecated and either replaced with individual 119783 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 25541
    published 2007-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25541
    title Solaris 10 (sparc) : 119783-40 (deprecated)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_40339.NASL
    description s700_800 11.23 BIND 9.2.0 Revision 5.0 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS) and permit unauthorized disclosure of information. (HPSBUX02546 SSRT100159) - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBUX02451 SSRT090137)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 46813
    published 2010-06-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46813
    title HP-UX PHNE_40339 : s700_800 11.23 BIND 9.2.0 Revision 5.0
  • NASL family DNS
    NASL id BIND9_DYN_UPDATE_DOS.NASL
    description It is possible to kill the remote DNS server by sending it a specially crafted dynamic update message to a zone for which the server is a master. Note that this plugin requires knowledge of the target host's FQDN.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 40450
    published 2009-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40450
    title ISC BIND 9 Dynamic Update Handling Remote DoS (intrusive check)
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56318.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63797
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63797
    title AIX 6.1 TL 3 : bind (IZ56318)
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56317.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63796
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63796
    title AIX 6.1 TL 2 : bind (IZ56317)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1179.NASL
    description From Red Hat Security Advisory 2009:1179 : Updated bind packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 29th July 2009] The packages in this erratum have been updated to also correct this issue in the bind-sdb package. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67899
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67899
    title Oracle Linux 5 : bind (ELSA-2009-1179)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090730_BIND_SECURITY_FOR_SL_4_X.NASL
    description CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : - when running on a system receiving a large number of (greater than 4,000) DNS requests per second, the named DNS nameserver became unresponsive, and the named service had to be restarted in order for it to continue serving requests. This was caused by a deadlock occurring between two threads that led to the inability of named to continue to service requests. This deadlock has been resolved with these updated packages so that named no longer becomes unresponsive under heavy load. (BZ#512668) After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60629
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60629
    title Scientific Linux Security Update : bind security for SL 4.x on i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_BIND-090729.NASL
    description Specially crafted ddns update packets could trigger an exception in bind causing it to exit. The attack works if BIND is master for a zone even if ddns is not configured (CVE-2009-0696).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 40442
    published 2009-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40442
    title openSUSE Security Update : bind (bind-1146)
  • NASL family DNS
    NASL id BIND9_DOS3.NASL
    description The version of BIND installed on the remote host suggests that it suffers from a denial of service vulnerability, which may be triggered by sending a malicious dynamic update message to a zone for which the server is the master, even if that server is not configured to allow dynamic updates. Note that Nessus obtained the version by sending a special DNS request for the text 'version.bind' in the domain 'chaos', the value of which can be and sometimes is tweaked by DNS administrators.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 40422
    published 2009-07-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40422
    title ISC BIND Dynamic Update Message Handling Remote DoS
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56314.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63793
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63793
    title AIX 5.3 TL 10 : bind (IZ56314)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2009-0016.NASL
    description a. JRE Security Update JRE update to version 1.5.0_20, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. b. Update Apache Tomcat version Update for VirtualCenter and ESX patch update the Tomcat package to version 6.0.20 (vSphere 4.0) or version 5.5.28 (VirtualCenter 2.5) which addresses multiple security issues that existed in the previous version of Apache Tomcat. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.20 and Tomcat 5.5.28: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002. c. Third-party library update for ntp. The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. ESXi 3.5 and ESXi 4.0 have a ntp client that is affected by the following security issue. Note that the same security issue is present in the ESX Service Console as described in section d. of this advisory. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the 'ntp' user. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue. The NTP security issue identified by CVE-2009-0159 is not relevant for ESXi 3.5 and ESXi 4.0. d. Service Console update for ntp Service Console package ntp updated to version ntp-4.2.2pl-9el5_3.2 The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. The Service Console present in ESX is affected by the following security issues. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the 'ntp' user. NTP authentication is not enabled by default on the Service Console. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue. A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially crafted reply to an ntpq request that could crash ntpq or, potentially, execute arbitrary code with the privileges of the user running the ntpq command. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0159 to this issue. e. Updated Service Console package kernel Updated Service Console package kernel addresses the security issues listed below. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3528, CVE-2008-5700, CVE-2009-0028, CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676, CVE-2009-0778 to the security issues fixed in kernel 2.6.18-128.1.6. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-4307, CVE-2009-0834, CVE-2009-1337, CVE-2009-0787, CVE-2009-1336 to the security issues fixed in kernel 2.6.18-128.1.10. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-1439, CVE-2009-1633, CVE-2009-1072, CVE-2009-1630, CVE-2009-1192 to the security issues fixed in kernel 2.6.18-128.1.14. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5966, CVE-2009-1385, CVE-2009-1388, CVE-2009-1389, CVE-2009-1895, CVE-2009-2406, CVE-2009-2407 to the security issues fixed in kernel 2.6.18-128.4.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2692, CVE-2009-2698 to the security issues fixed in kernel 2.6.18-128.7.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-0745, CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, CVE-2009-2847, CVE-2009-2848 to the security issues fixed in kernel 2.6.18-164. f. Updated Service Console package python Service Console package Python update to version 2.4.3-24.el5. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service. Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service. An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-2052 CVE-2007-4965 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 to these issues. g. Updated Service Console package bind Service Console package bind updated to version 9.3.6-4.P1.el5 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0696 to this issue. h. Updated Service Console package libxml2 Service Console package libxml2 updated to version 2.6.26-2.1.2.8. libxml is a library for parsing and manipulating XML files. A Document Type Definition (DTD) defines the legal syntax (and also which elements can be used) for certain types of files, such as XML files. A stack overflow flaw was found in the way libxml processes the root XML document element definition in a DTD. A remote attacker could provide a specially crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service. Multiple use-after-free flaws were found in the way libxml parses the Notation and Enumeration attribute types. A remote attacker could provide a specially crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2414 and CVE-2009-2416 to these issues. i. Updated Service Console package curl Service Console package curl updated to version 7.15.5-2.1.el5_3.5 A cURL is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse cURL into accepting it by mistake. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2417 to this issue j. Updated Service Console package gnutls Service Console package gnutil updated to version 1.4.1-3.el5_3.5 A flaw was discovered in the way GnuTLS handles NULL characters in certain fields of X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by an application using GnuTLS, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse the application into accepting it by mistake. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2730 to this issue
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 42870
    published 2009-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42870
    title VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-36.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107338
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107338
    title Solaris 10 (sparc) : 119783-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-36.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107841
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107841
    title Solaris 10 (x86) : 119784-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-29.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107836
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107836
    title Solaris 10 (x86) : 119784-29
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-33.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107337
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107337
    title Solaris 10 (sparc) : 119783-33
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-39.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107341
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107341
    title Solaris 10 (sparc) : 119783-39
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-37.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107842
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107842
    title Solaris 10 (x86) : 119784-37
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-37.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107339
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107339
    title Solaris 10 (sparc) : 119783-37
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-25.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107835
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107835
    title Solaris 10 (x86) : 119784-25
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-31.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107335
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107335
    title Solaris 10 (sparc) : 119783-31
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-38.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107340
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107340
    title Solaris 10 (sparc) : 119783-38
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0066.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 99569
    published 2017-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99569
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_109327.NASL
    description SunOS 5.8_x86: libresolv.so.2, in.named an. Date this patch was last updated by Sun : Mar/09/09
    last seen 2018-09-02
    modified 2016-12-12
    plugin id 13429
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13429
    title Solaris 8 (x86) : 109327-24
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-41.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2019-01-15
    plugin id 121174
    published 2019-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121174
    title Solaris 10 (sparc) : 119783-41
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-25.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107332
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107332
    title Solaris 10 (sparc) : 119783-25
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-38.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107843
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107843
    title Solaris 10 (x86) : 119784-38
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-40.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107342
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107342
    title Solaris 10 (sparc) : 119783-40
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119783-29.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 107333
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107333
    title Solaris 10 (sparc) : 119783-29
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-33.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107840
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107840
    title Solaris 10 (x86) : 119784-33
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-30.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 107837
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107837
    title Solaris 10 (x86) : 119784-30
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119784-41.NASL
    description Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen 2019-02-21
    modified 2019-01-15
    plugin id 121180
    published 2019-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121180
    title Solaris 10 (x86) : 119784-41
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1181.NASL
    description Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : * the following message could have been logged: 'internal_accept: fcntl() failed: Too many open files'. With these updated packages, timeout queries are aborted in order to reduce the number of open UDP sockets, and when the accept() function returns an EMFILE error value, that situation is now handled gracefully, thus resolving the issue. (BZ#498164) All BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 40433
    published 2009-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40433
    title RHEL 3 : bind (RHSA-2009:1181)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1180.NASL
    description From Red Hat Security Advisory 2009:1180 : Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : * when running on a system receiving a large number of (greater than 4,000) DNS requests per second, the named DNS nameserver became unresponsive, and the named service had to be restarted in order for it to continue serving requests. This was caused by a deadlock occurring between two threads that led to the inability of named to continue to service requests. This deadlock has been resolved with these updated packages so that named no longer becomes unresponsive under heavy load. (BZ#512668) All BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67900
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67900
    title Oracle Linux 4 : bind (ELSA-2009-1180)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1181.NASL
    description From Red Hat Security Advisory 2009:1181 : Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : * the following message could have been logged: 'internal_accept: fcntl() failed: Too many open files'. With these updated packages, timeout queries are aborted in order to reduce the number of open UDP sockets, and when the accept() function returns an EMFILE error value, that situation is now handled gracefully, thus resolving the issue. (BZ#498164) All BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67901
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67901
    title Oracle Linux 3 : bind (ELSA-2009-1181)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200908-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-200908-02 (BIND: Denial of Service) Matthias Urlichs reported that the dns_db_findrdataset() function fails when the prerequisite section of the dynamic update message contains a record of type 'ANY' and where at least one RRset for this FQDN exists on the server. Impact : A remote unauthenticated attacker could send a specially crafted dynamic update message to the BIND daemon (named), leading to a Denial of Service (daemon crash). This vulnerability affects all primary (master) servers -- it is not limited to those that are configured to allow dynamic updates. Workaround : Configure a firewall that performs Deep Packet Inspection to prevent nsupdate messages from reaching named. Alternatively, expose only secondary (slave) servers to untrusted networks.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 40463
    published 2009-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40463
    title GLSA-200908-02 : BIND: Denial of Service
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_83725C917C7E11DE967200E0815B8DA8.NASL
    description When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit. To trigger the problem, the dynamic update message must contains a record of type 'ANY' and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server. Impact : An attacker which can send DNS requests to a nameserver can cause it to exit, thus creating a Denial of Service situation. Workaround : No generally applicable workaround is available, but some firewalls may be able to prevent nsupdate DNS packets from reaching the nameserver. NOTE WELL: Merely configuring named(8) to ignore dynamic updates is NOT sufficient to protect it from this vulnerability.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 40461
    published 2009-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40461
    title FreeBSD : BIND -- Dynamic update message remote DoS (83725c91-7c7e-11de-9672-00e0815b8da8)
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56311.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63790
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63790
    title AIX 5.3 TL 7 : bind (IZ56311)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1180.NASL
    description Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : * when running on a system receiving a large number of (greater than 4,000) DNS requests per second, the named DNS nameserver became unresponsive, and the named service had to be restarted in order for it to continue serving requests. This was caused by a deadlock occurring between two threads that led to the inability of named to continue to service requests. This deadlock has been resolved with these updated packages so that named no longer becomes unresponsive under heavy load. (BZ#512668) All BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 40436
    published 2009-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40436
    title CentOS 4 : bind (CESA-2009:1180)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090730_BIND_FOR_SL_5_X.NASL
    description CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60628
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60628
    title Scientific Linux Security Update : bind for SL 5.x on i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1179.NASL
    description Updated bind packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 29th July 2009] The packages in this erratum have been updated to also correct this issue in the bind-sdb package. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43772
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43772
    title CentOS 5 : bind (CESA-2009:1179)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1179.NASL
    description Updated bind packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 29th July 2009] The packages in this erratum have been updated to also correct this issue in the bind-sdb package. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 40431
    published 2009-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40431
    title RHEL 5 : bind (RHSA-2009:1179)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1181.NASL
    description Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : * the following message could have been logged: 'internal_accept: fcntl() failed: Too many open files'. With these updated packages, timeout queries are aborted in order to reduce the number of open UDP sockets, and when the accept() function returns an EMFILE error value, that situation is now handled gracefully, thus resolving the issue. (BZ#498164) All BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 40423
    published 2009-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40423
    title CentOS 3 : bind (CESA-2009:1181)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-090729.NASL
    description Specially crafted ddns update packets could trigger an exception in bind causing it to exit. The attack works if BIND is master for a zone even if ddns is not configured. (CVE-2009-0696)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 41370
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41370
    title SuSE 11 Security Update : bind (SAT Patch Number 1147)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-808-1.NASL
    description Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 40417
    published 2009-07-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40417
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : bind9 vulnerability (USN-808-1)
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56316.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63795
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63795
    title AIX 6.1 TL 1 : bind (IZ56316)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2009-210-01.NASL
    description New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 54872
    published 2011-05-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=54872
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2009-210-01)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-6383.NASL
    description Specially crafted ddns update packets could trigger an exception in bind causing it to exit. The attack works if BIND is master for a zone even if ddns is not configured (CVE-2009-0696).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 41991
    published 2009-10-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41991
    title openSUSE 10 Security Update : bind (bind-6383)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-8119.NASL
    description Update to the latest release which fixes important security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 40428
    published 2009-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40428
    title Fedora 10 : bind-9.5.1-3.P3.fc10 / Fedora 11 : bind-9.6.1-4.P1.fc11 (2009-8119)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_BIND-090729.NASL
    description Specially crafted ddns update packets could trigger an exception in bind causing it to exit. The attack works if BIND is master for a zone even if ddns is not configured (CVE-2009-0696).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 40444
    published 2009-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40444
    title openSUSE Security Update : bind (bind-1146)
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56312.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63791
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63791
    title AIX 5.3 TL 8 : bind (IZ56312)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2009-004.NASL
    description The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-004 applied. This security update contains a fix for the following product : - bind
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 40591
    published 2009-08-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40591
    title Mac OS X BIND Dynamic Update Message Handling Remote DoS (Security Update 2009-004)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1180.NASL
    description Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : * when running on a system receiving a large number of (greater than 4,000) DNS requests per second, the named DNS nameserver became unresponsive, and the named service had to be restarted in order for it to continue serving requests. This was caused by a deadlock occurring between two threads that led to the inability of named to continue to service requests. This deadlock has been resolved with these updated packages so that named no longer becomes unresponsive under heavy load. (BZ#512668) All BIND users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 40432
    published 2009-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40432
    title RHEL 4 : bind (RHSA-2009:1180)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1847.NASL
    description It was discovered that the BIND DNS server terminates when processing a specially crafted dynamic DNS update. This vulnerability affects all BIND servers which serve at least one DNS zone authoritatively, as a master, even if dynamic updates are not enabled. The default Debian configuration for resolvers includes several authoritative zones, too, so resolvers are also affected by this issue unless these zones have been removed.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44712
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44712
    title Debian DSA-1847-1 : bind9 - improper assert
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL10366.NASL
    description The remote BIG-IP device is missing a patch required by a security advisory.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78119
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78119
    title F5 Networks BIG-IP : BIND vulnerability (SOL10366)
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56313.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63792
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63792
    title AIX 5.3 TL 9 : bind (IZ56313)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090730_BIND_FOR_SL_3_0_X.NASL
    description CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug : - the following message could have been logged: 'internal_accept: fcntl() failed: Too many open files'. With these updated packages, timeout queries are aborted in order to reduce the number of open UDP sockets, and when the accept() function returns an EMFILE error value, that situation is now handled gracefully, thus resolving the issue. (BZ#498164) After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60627
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60627
    title Scientific Linux Security Update : bind for SL 3.0.x on i386/x86_64
  • NASL family AIX Local Security Checks
    NASL id AIX_IZ56315.NASL
    description AIX 'named' is an implementation of BIND (Berkeley Internet Name Domain) providing server functionality for the Domain Name System (DNS) Protocol. AIX currently ships and supports three versions of BIND: 4, 8, and 9. There is an error in the handling of dynamic update messages in BIND 9. A crafted update packet from a remote user can cause a master server to assert and exit. The successful exploitation of this vulnerability allows a remote, unauthenticated user to make a master DNS server assert and exit. The following command is vulnerable : /usr/sbin/named9.
    last seen 2019-02-21
    modified 2013-03-11
    plugin id 63794
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63794
    title AIX 6.1 TL 0 : bind (IZ56315)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-6382.NASL
    description Specially crafted ddns update packets could trigger an exception in bind causing it to exit. The attack works if BIND is master for a zone even if ddns is not configured. (CVE-2009-0696)
    last seen 2019-02-21
    modified 2012-06-14
    plugin id 41480
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41480
    title SuSE 10 Security Update : bind (ZYPP Patch Number 6382)
oval via4
  • accepted 2013-04-29T04:05:27.621-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
    family unix
    id oval:org.mitre.oval:def:10414
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
    version 24
  • accepted 2015-04-20T04:00:20.497-04:00
    class vulnerability
    contributors
    • name Varun Narula
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
    family unix
    id oval:org.mitre.oval:def:12245
    status accepted
    submitted 2010-10-25T15:50:19.000-05:00
    title HP-UX Running BIND, Remote Denial of Service (DoS)
    version 44
  • accepted 2014-01-20T04:01:36.942-05:00
    class vulnerability
    contributors
    • name Pai Peng
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
    family unix
    id oval:org.mitre.oval:def:7806
    status accepted
    submitted 2010-03-19T16:57:59.000-04:00
    title VMware BIND vulnerability
    version 7
redhat via4
advisories
  • bugzilla
    id 514292
    title CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment bind is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179002
        • comment bind is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057003
      • AND
        • comment bind-chroot is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179010
        • comment bind-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057005
      • AND
        • comment bind-devel is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179004
        • comment bind-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057007
      • AND
        • comment bind-libbind-devel is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179014
        • comment bind-libbind-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057015
      • AND
        • comment bind-libs is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179016
        • comment bind-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057017
      • AND
        • comment bind-sdb is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179006
        • comment bind-sdb is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057009
      • AND
        • comment bind-utils is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179012
        • comment bind-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057011
      • AND
        • comment caching-nameserver is earlier than 30:9.3.4-10.P1.el5_3.3
          oval oval:com.redhat.rhsa:tst:20091179008
        • comment caching-nameserver is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070057013
    rhsa
    id RHSA-2009:1179
    released 2009-07-29
    severity Important
    title RHSA-2009:1179: bind security update (Important)
  • bugzilla
    id 514292
    title CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment bind is earlier than 20:9.2.4-30.el4_8.4
          oval oval:com.redhat.rhsa:tst:20091180002
        • comment bind is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044003
      • AND
        • comment bind-chroot is earlier than 20:9.2.4-30.el4_8.4
          oval oval:com.redhat.rhsa:tst:20091180010
        • comment bind-chroot is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044009
      • AND
        • comment bind-devel is earlier than 20:9.2.4-30.el4_8.4
          oval oval:com.redhat.rhsa:tst:20091180006
        • comment bind-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044005
      • AND
        • comment bind-libs is earlier than 20:9.2.4-30.el4_8.4
          oval oval:com.redhat.rhsa:tst:20091180004
        • comment bind-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044007
      • AND
        • comment bind-utils is earlier than 20:9.2.4-30.el4_8.4
          oval oval:com.redhat.rhsa:tst:20091180008
        • comment bind-utils is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044011
    rhsa
    id RHSA-2009:1180
    released 2009-07-29
    severity Important
    title RHSA-2009:1180: bind security and bug fix update (Important)
  • bugzilla
    id 514292
    title CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
    oval
    AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • OR
      • AND
        • comment bind is earlier than 20:9.2.4-25.el3
          oval oval:com.redhat.rhsa:tst:20091181002
        • comment bind is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044003
      • AND
        • comment bind-chroot is earlier than 20:9.2.4-25.el3
          oval oval:com.redhat.rhsa:tst:20091181006
        • comment bind-chroot is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044009
      • AND
        • comment bind-devel is earlier than 20:9.2.4-25.el3
          oval oval:com.redhat.rhsa:tst:20091181010
        • comment bind-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044005
      • AND
        • comment bind-libs is earlier than 20:9.2.4-25.el3
          oval oval:com.redhat.rhsa:tst:20091181008
        • comment bind-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044007
      • AND
        • comment bind-utils is earlier than 20:9.2.4-25.el3
          oval oval:com.redhat.rhsa:tst:20091181004
        • comment bind-utils is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044011
    rhsa
    id RHSA-2009:1181
    released 2009-07-29
    severity Important
    title RHSA-2009:1181: bind security and bug fix update (Important)
rpms
  • bind-30:9.3.4-10.P1.el5_3.3
  • bind-chroot-30:9.3.4-10.P1.el5_3.3
  • bind-devel-30:9.3.4-10.P1.el5_3.3
  • bind-libbind-devel-30:9.3.4-10.P1.el5_3.3
  • bind-libs-30:9.3.4-10.P1.el5_3.3
  • bind-sdb-30:9.3.4-10.P1.el5_3.3
  • bind-utils-30:9.3.4-10.P1.el5_3.3
  • caching-nameserver-30:9.3.4-10.P1.el5_3.3
  • bind-20:9.2.4-30.el4_8.4
  • bind-chroot-20:9.2.4-30.el4_8.4
  • bind-devel-20:9.2.4-30.el4_8.4
  • bind-libs-20:9.2.4-30.el4_8.4
  • bind-utils-20:9.2.4-30.el4_8.4
  • bind-20:9.2.4-25.el3
  • bind-chroot-20:9.2.4-25.el3
  • bind-devel-20:9.2.4-25.el3
  • bind-libs-20:9.2.4-25.el3
  • bind-utils-20:9.2.4-25.el3
refmap via4
bugtraq
  • 20090729 rPSA-2009-0113-1 bind bind-utils
  • 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
cert-vn VU#725188
confirm
fedora FEDORA-2009-8119
netbsd NetBSD-SA2009-013
openbsd [4.4] 014: RELIABILITY FIX: July 29, 2009
sectrack 1022613
secunia
  • 36035
  • 36038
  • 36050
  • 36053
  • 36056
  • 36063
  • 36086
  • 36098
  • 36192
  • 37471
  • 39334
slackware SSA:2009-210-01
sunalert
  • 1020788
  • 264828
ubuntu USN-808-1
vupen
  • ADV-2009-2036
  • ADV-2009-2088
  • ADV-2009-2171
  • ADV-2009-2247
  • ADV-2009-3316
Last major update 04-04-2016 - 11:50
Published 29-07-2009 - 13:30
Last modified 10-10-2018 - 15:30
Back to Top