ID de Prueba:	1.3.6.1.4.1.25623.1.0.106060
Categoría:	JunOS Local Security Checks
Título:	Juniper Networks Junos OS SRX and J-Series BIND DoS Vulnerability
Resumen:	Junos OS BIND on SRX-Series and J-Series is prone to a;Denial of Service vulnerability.
Descripción:	Summary: Junos OS BIND on SRX-Series and J-Series is prone to a Denial of Service vulnerability. Vulnerability Insight: A vulnerability in ISC BIND's handling of queries for TKEY records may allow remote attackers to terminate the daemon process on an assertion failure. This issue affects only SRX-Series and J-Series configured with DNS Proxy server services enabled. This issue can affect both standalone and HA configurations. Vulnerability Impact: Remote attackers can cause a denial of service to the DNS proxy server. Affected Software/OS: Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1 Solution: New builds of Junos OS software are available from Juniper. As a workaround disable the DNS proxy. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5477 BugTraq ID: 76092 http://www.securityfocus.com/bid/76092 Debian Security Information: DSA-3319 (Google Search) http://www.debian.org/security/2015/dsa-3319 https://www.exploit-db.com/exploits/37721/ https://www.exploit-db.com/exploits/37723/ http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163015.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163006.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163007.html https://security.gentoo.org/glsa/201510-01 HPdes Security Advisory: HPSBOV03506 http://marc.info/?l=bugtraq&m=144181171013996&w=2 HPdes Security Advisory: HPSBUX03400 http://marc.info/?l=bugtraq&m=144000632319155&w=2 HPdes Security Advisory: HPSBUX03410 http://marc.info/?l=bugtraq&m=144017354030745&w=2 HPdes Security Advisory: HPSBUX03511 http://marc.info/?l=bugtraq&m=144294073801304&w=2 HPdes Security Advisory: SSRT102175 HPdes Security Advisory: SSRT102211 HPdes Security Advisory: SSRT102248 http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html RedHat Security Advisories: RHSA-2015:1513 http://rhn.redhat.com/errata/RHSA-2015-1513.html RedHat Security Advisories: RHSA-2015:1514 http://rhn.redhat.com/errata/RHSA-2015-1514.html RedHat Security Advisories: RHSA-2015:1515 http://rhn.redhat.com/errata/RHSA-2015-1515.html RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html RedHat Security Advisories: RHSA-2016:0079 http://rhn.redhat.com/errata/RHSA-2016-0079.html http://www.securitytracker.com/id/1033100 SuSE Security Announcement: SUSE-SU-2015:1304 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.html SuSE Security Announcement: SUSE-SU-2015:1305 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.html SuSE Security Announcement: SUSE-SU-2015:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.html SuSE Security Announcement: SUSE-SU-2015:1322 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.html SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:1326 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html SuSE Security Announcement: openSUSE-SU-2015:1335 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html http://www.ubuntu.com/usn/USN-2693-1
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.