Test Kennung:	1.3.6.1.4.1.25623.1.0.810977
Kategorie:	Denial of Service
Titel:	ISC BIND Control Channel Denial of Service Vulnerability - Linux
Zusammenfassung:	ISC BIND is prone to a denial of service vulnerability.
Beschreibung:	Summary: ISC BIND is prone to a denial of service vulnerability. Vulnerability Insight: The flaw exists due to a feature in named which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service (assertion failure and daemon exit) via null command string. Affected Software/OS: ISC BIND 9.9.9 through 9.9.9-P7, 9.9.10b1 through 9.9.10rc2, 9.10.4 through 9.10.4-P7, 9.10.5b1 through 9.10.5rc2, 9.11.0 through 9.11.0-P4, 9.11.1b1 through 9.11.1rc2, 9.9.9-S1 through 9.9.9-S9. Solution: Update to ISC BIND version 9.9.9-P8 or 9.10.4-P8 or 9.11.0-P5 or 9.9.9-S10 or 9.9.10rc3 or 9.10.5rc3 or 9.11.1rc3 or later. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3138 BugTraq ID: 97657 http://www.securityfocus.com/bid/97657 Debian Security Information: DSA-3854 (Google Search) https://www.debian.org/security/2017/dsa-3854 https://security.gentoo.org/glsa/201708-01 http://www.securitytracker.com/id/1038260
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.