English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.61464
Kategorie:Slackware Local Security Checks
Titel:Slackware: Security Advisory (SSA:2008-191-02)
Zusammenfassung:The remote host is missing an update for the 'bind' package(s) announced via the SSA:2008-191-02 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'bind' package(s) announced via the SSA:2008-191-02 advisory.

Vulnerability Insight:
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, and -current to address a security problem.

More details may be found at the following links:

[links moved to references]


Here are the details from the Slackware 12.1 ChangeLog:
+--------------------------+
patches/packages/bind-9.4.2_P1-i486-1_slack12.1.tgz:
Upgraded to bind-9.4.2-P1.
This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
Poisoning Issue. This is the summary of the problem from the BIND site:
'A weakness in the DNS protocol may enable the poisoning of caching
recurive resolvers with spoofed data. DNSSEC is the only full solution.
New versions of BIND provide increased resilience to the attack.'
It is suggested that sites that run BIND upgrade to one of the new packages
in order to reduce their exposure to DNS cache poisoning attacks.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'bind' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-1447
AIX APAR: IZ26667
http://www.ibm.com/support/docview.wss?uid=isg1IZ26667
AIX APAR: IZ26668
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668
AIX APAR: IZ26669
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669
AIX APAR: IZ26670
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670
AIX APAR: IZ26671
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671
AIX APAR: IZ26672
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
BugTraq ID: 30131
http://www.securityfocus.com/bid/30131
Bugtraq: 20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/495289/100/0/threaded
Bugtraq: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. (Google Search)
http://www.securityfocus.com/archive/1/495869/100/0/threaded
Cert/CC Advisory: TA08-190A
http://www.us-cert.gov/cas/techalerts/TA08-190A.html
Cert/CC Advisory: TA08-190B
http://www.us-cert.gov/cas/techalerts/TA08-190B.html
Cert/CC Advisory: TA08-260A
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
CERT/CC vulnerability note: VU#800113
http://www.kb.cert.org/vuls/id/800113
Cisco Security Advisory: 20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
Debian Security Information: DSA-1603 (Google Search)
http://www.debian.org/security/2008/dsa-1603
Debian Security Information: DSA-1604 (Google Search)
http://www.debian.org/security/2008/dsa-1604
Debian Security Information: DSA-1605 (Google Search)
http://www.debian.org/security/2008/dsa-1605
Debian Security Information: DSA-1619 (Google Search)
http://www.debian.org/security/2008/dsa-1619
Debian Security Information: DSA-1623 (Google Search)
http://www.debian.org/security/2008/dsa-1623
https://www.exploit-db.com/exploits/6122
https://www.exploit-db.com/exploits/6123
https://www.exploit-db.com/exploits/6130
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
FreeBSD Security Advisory: FreeBSD-SA-08:06
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
http://security.gentoo.org/glsa/glsa-200807-08.xml
http://security.gentoo.org/glsa/glsa-200812-17.xml
http://security.gentoo.org/glsa/glsa-201209-25.xml
HPdes Security Advisory: HPSBMP02404
http://marc.info/?l=bugtraq&m=123324863916385&w=2
HPdes Security Advisory: HPSBNS02405
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
HPdes Security Advisory: HPSBOV02357
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
HPdes Security Advisory: HPSBOV03226
http://marc.info/?l=bugtraq&m=141879471518471&w=2
HPdes Security Advisory: HPSBTU02358
http://marc.info/?l=bugtraq&m=121866517322103&w=2
HPdes Security Advisory: HPSBUX02351
http://marc.info/?l=bugtraq&m=121630706004256&w=2
HPdes Security Advisory: SSRT071449
HPdes Security Advisory: SSRT080058
HPdes Security Advisory: SSRT090014
HPdes Security Advisory: SSRT101004
http://www.mandriva.com/security/advisories?name=MDVSA-2008:139
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
http://www.doxpara.com/?p=1176
http://www.doxpara.com/DMK_BO2K8.ppt
http://www.nominum.com/asset_upload_file741_2661.pdf
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
Microsoft Security Bulletin: MS08-037
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
NETBSD Security Advisory: NetBSD-SA2008-009
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
OpenBSD Security Advisory: [4.2] 013: SECURITY FIX: July 23, 2008
http://www.openbsd.org/errata42.html#013_bind
OpenBSD Security Advisory: [4.3] 004: SECURITY FIX: July 23, 2008
http://www.openbsd.org/errata43.html#004_bind
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627
RedHat Security Advisories: RHSA-2008:0533
http://rhn.redhat.com/errata/RHSA-2008-0533.html
http://www.redhat.com/support/errata/RHSA-2008-0789.html
http://www.securitytracker.com/id?1020437
http://www.securitytracker.com/id?1020438
http://www.securitytracker.com/id?1020440
http://www.securitytracker.com/id?1020448
http://www.securitytracker.com/id?1020449
http://www.securitytracker.com/id?1020548
http://www.securitytracker.com/id?1020558
http://www.securitytracker.com/id?1020560
http://www.securitytracker.com/id?1020561
http://www.securitytracker.com/id?1020575
http://www.securitytracker.com/id?1020576
http://www.securitytracker.com/id?1020577
http://www.securitytracker.com/id?1020578
http://www.securitytracker.com/id?1020579
http://www.securitytracker.com/id?1020651
http://www.securitytracker.com/id?1020653
http://www.securitytracker.com/id?1020702
http://www.securitytracker.com/id?1020802
http://www.securitytracker.com/id?1020804
http://secunia.com/advisories/30925
http://secunia.com/advisories/30973
http://secunia.com/advisories/30977
http://secunia.com/advisories/30979
http://secunia.com/advisories/30980
http://secunia.com/advisories/30988
http://secunia.com/advisories/30989
http://secunia.com/advisories/30998
http://secunia.com/advisories/31011
http://secunia.com/advisories/31012
http://secunia.com/advisories/31014
http://secunia.com/advisories/31019
http://secunia.com/advisories/31022
http://secunia.com/advisories/31030
http://secunia.com/advisories/31031
http://secunia.com/advisories/31033
http://secunia.com/advisories/31052
http://secunia.com/advisories/31065
http://secunia.com/advisories/31072
http://secunia.com/advisories/31093
http://secunia.com/advisories/31094
http://secunia.com/advisories/31137
http://secunia.com/advisories/31143
http://secunia.com/advisories/31151
http://secunia.com/advisories/31152
http://secunia.com/advisories/31153
http://secunia.com/advisories/31169
http://secunia.com/advisories/31197
http://secunia.com/advisories/31199
http://secunia.com/advisories/31204
http://secunia.com/advisories/31207
http://secunia.com/advisories/31209
http://secunia.com/advisories/31212
http://secunia.com/advisories/31213
http://secunia.com/advisories/31221
http://secunia.com/advisories/31236
http://secunia.com/advisories/31237
http://secunia.com/advisories/31254
http://secunia.com/advisories/31326
http://secunia.com/advisories/31354
http://secunia.com/advisories/31422
http://secunia.com/advisories/31430
http://secunia.com/advisories/31451
http://secunia.com/advisories/31482
http://secunia.com/advisories/31495
http://secunia.com/advisories/31588
http://secunia.com/advisories/31687
http://secunia.com/advisories/31823
http://secunia.com/advisories/31882
http://secunia.com/advisories/31900
http://secunia.com/advisories/33178
http://secunia.com/advisories/33714
http://secunia.com/advisories/33786
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
SuSE Security Announcement: SUSE-SA:2008:033 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.ubuntu.com/usn/usn-622-1
http://www.ubuntu.com/usn/usn-627-1
http://www.vupen.com/english/advisories/2008/2019/references
http://www.vupen.com/english/advisories/2008/2023/references
http://www.vupen.com/english/advisories/2008/2025/references
http://www.vupen.com/english/advisories/2008/2029/references
http://www.vupen.com/english/advisories/2008/2030/references
http://www.vupen.com/english/advisories/2008/2050/references
http://www.vupen.com/english/advisories/2008/2051/references
http://www.vupen.com/english/advisories/2008/2052/references
http://www.vupen.com/english/advisories/2008/2055/references
http://www.vupen.com/english/advisories/2008/2092/references
http://www.vupen.com/english/advisories/2008/2113/references
http://www.vupen.com/english/advisories/2008/2114/references
http://www.vupen.com/english/advisories/2008/2123/references
http://www.vupen.com/english/advisories/2008/2139/references
http://www.vupen.com/english/advisories/2008/2166/references
http://www.vupen.com/english/advisories/2008/2195/references
http://www.vupen.com/english/advisories/2008/2196/references
http://www.vupen.com/english/advisories/2008/2197/references
http://www.vupen.com/english/advisories/2008/2268
http://www.vupen.com/english/advisories/2008/2291
http://www.vupen.com/english/advisories/2008/2334
http://www.vupen.com/english/advisories/2008/2342
http://www.vupen.com/english/advisories/2008/2377
http://www.vupen.com/english/advisories/2008/2383
http://www.vupen.com/english/advisories/2008/2384
http://www.vupen.com/english/advisories/2008/2466
http://www.vupen.com/english/advisories/2008/2467
http://www.vupen.com/english/advisories/2008/2482
http://www.vupen.com/english/advisories/2008/2525
http://www.vupen.com/english/advisories/2008/2549
http://www.vupen.com/english/advisories/2008/2558
http://www.vupen.com/english/advisories/2008/2582
http://www.vupen.com/english/advisories/2008/2584
http://www.vupen.com/english/advisories/2009/0297
http://www.vupen.com/english/advisories/2009/0311
http://www.vupen.com/english/advisories/2010/0622
XForce ISS Database: cisco-multiple-dns-cache-poisoning(43637)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43637
XForce ISS Database: win-dns-client-server-spoofing(43334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43334
CopyrightCopyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.