English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.66373
Kategorie:Mandrake Local Security Checks
Titel:Mandriva Security Advisory MDVSA-2009:313-1 (bind)
Zusammenfassung:The remote host is missing an update to bind;announced via advisory MDVSA-2009:313-1.
Beschreibung:Summary:
The remote host is missing an update to bind
announced via advisory MDVSA-2009:313-1.

Vulnerability Insight:
Some vulnerabilities were discovered and corrected in bind:

Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5
before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3,
and 9.0.x through 9.3.x with DNSSEC validation enabled and checking
disabled (CD), allows remote attackers to conduct DNS cache poisoning
attacks via additional sections in a response sent for resolution
of a recursive client query, which is not properly handled when the
response is processed at the same time as requesting DNSSEC records
(DO). (CVE-2009-4022).

Additionally BIND has been upgraded to the latest point release or
closest supported version by ISC.

Update:

Packages for 2008.0 are being provided due to extended support for
Corporate products.

Affected: 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-4022
1021660
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1
1021798
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1
37118
http://www.securityfocus.com/bid/37118
37426
http://secunia.com/advisories/37426
37491
http://secunia.com/advisories/37491
38219
http://secunia.com/advisories/38219
38240
http://secunia.com/advisories/38240
38794
http://secunia.com/advisories/38794
38834
http://secunia.com/advisories/38834
39334
http://secunia.com/advisories/39334
40730
http://secunia.com/advisories/40730
60493
http://osvdb.org/60493
ADV-2009-3335
http://www.vupen.com/english/advisories/2009/3335
ADV-2010-0176
http://www.vupen.com/english/advisories/2010/0176
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
ADV-2010-0622
http://www.vupen.com/english/advisories/2010/0622
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
FEDORA-2009-12218
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html
FEDORA-2009-12233
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html
IZ68597
http://www.ibm.com/support/docview.wss?uid=isg1IZ68597
IZ71667
http://www.ibm.com/support/docview.wss?uid=isg1IZ71667
IZ71774
http://www.ibm.com/support/docview.wss?uid=isg1IZ71774
MDVSA-2009:304
http://www.mandriva.com/security/advisories?name=MDVSA-2009:304
RHSA-2009:1620
http://www.redhat.com/support/errata/RHSA-2009-1620.html
USN-888-1
http://www.ubuntu.com/usn/USN-888-1
VU#418861
http://www.kb.cert.org/vuls/id/418861
[oss-security] 20091124 CVE request: BIND 9 bug involving DNSSEC and the additional section
http://www.openwall.com/lists/oss-security/2009/11/24/2
[oss-security] 20091124 Re: a new bind issue
http://www.openwall.com/lists/oss-security/2009/11/24/8
[oss-security] 20091124 a new bind issue
http://www.openwall.com/lists/oss-security/2009/11/24/1
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
bind-dnssec-cache-poisoning(54416)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54416
ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt
http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc
http://support.apple.com/kb/HT5002
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
https://bugzilla.redhat.com/show_bug.cgi?id=538744
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
https://issues.rpath.com/browse/RPL-3152
https://www.isc.org/advisories/CVE-2009-4022v6
https://www.isc.org/advisories/CVE2009-4022
oval:org.mitre.oval:def:10821
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821
oval:org.mitre.oval:def:11745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745
oval:org.mitre.oval:def:7261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261
oval:org.mitre.oval:def:7459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459
CopyrightCopyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.