Test Kennung:	1.3.6.1.4.1.25623.1.0.105366
Kategorie:	F5 Local Security Checks
Titel:	F5 BIG-IP - BIND vulnerability CVE-2015-5477
Zusammenfassung:	The remote host is missing a security patch.
Beschreibung:	Summary: The remote host is missing a security patch. Vulnerability Insight: An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit. (CVE-2015-5477) Vulnerability Impact: A remote attacker may be able to cause a denial-of-service (DoS) attack on the BIG-IP system's local instance of BIND by using a specially crafted DNS request in configurations that expose BIND to requests from untrusted users.Note: If the BIND daemon stops responding, services that do not rely on the use of local instances of BIND will continue to function. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5477 BugTraq ID: 76092 http://www.securityfocus.com/bid/76092 Debian Security Information: DSA-3319 (Google Search) http://www.debian.org/security/2015/dsa-3319 https://www.exploit-db.com/exploits/37721/ https://www.exploit-db.com/exploits/37723/ http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163015.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163006.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163007.html https://security.gentoo.org/glsa/201510-01 HPdes Security Advisory: HPSBOV03506 http://marc.info/?l=bugtraq&m=144181171013996&w=2 HPdes Security Advisory: HPSBUX03400 http://marc.info/?l=bugtraq&m=144000632319155&w=2 HPdes Security Advisory: HPSBUX03410 http://marc.info/?l=bugtraq&m=144017354030745&w=2 HPdes Security Advisory: HPSBUX03511 http://marc.info/?l=bugtraq&m=144294073801304&w=2 HPdes Security Advisory: SSRT102175 HPdes Security Advisory: SSRT102211 HPdes Security Advisory: SSRT102248 http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html RedHat Security Advisories: RHSA-2015:1513 http://rhn.redhat.com/errata/RHSA-2015-1513.html RedHat Security Advisories: RHSA-2015:1514 http://rhn.redhat.com/errata/RHSA-2015-1514.html RedHat Security Advisories: RHSA-2015:1515 http://rhn.redhat.com/errata/RHSA-2015-1515.html RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html RedHat Security Advisories: RHSA-2016:0079 http://rhn.redhat.com/errata/RHSA-2016-0079.html http://www.securitytracker.com/id/1033100 SuSE Security Announcement: SUSE-SU-2015:1304 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.html SuSE Security Announcement: SUSE-SU-2015:1305 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.html SuSE Security Announcement: SUSE-SU-2015:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.html SuSE Security Announcement: SUSE-SU-2015:1322 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.html SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:1326 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html SuSE Security Announcement: openSUSE-SU-2015:1335 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html http://www.ubuntu.com/usn/USN-2693-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.