English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.106748
Categoría:JunOS Local Security Checks
Título:Juniper Networks Junos OS Multiple BIND Vulnerabilities (JSA10785)
Resumen:Junos OS is prone to multiple denial of service vulnerabilities in ISC; BIND named.
Descripción:Summary:
Junos OS is prone to multiple denial of service vulnerabilities in ISC
BIND named.

Vulnerability Insight:
Multiple vulnerabilities were found in the BIND version used by Junos OS:

- buffer.c in named in ISC BIND does not properly construct responses, which allows remote attackers to cause a
denial of service via a crafted query. (CVE-2016-2776)

- named in ISC BIND allows remote attackers to cause a denial of service via a DNAME record in the answer section
of a response to a recursive query, related to db.c and resolver.c. (CVE-2016-8864)

- named in ISC BIND allows remote attackers to cause a denial of service via a malformed response to an RTYPE ANY
query. (CVE-2016-9131)

- named in ISC BIND allows remote attackers to cause a denial of service via a response containing an
inconsistency among the DNSSEC-related RRsets. (CVE-2016-9147)

- named in ISC BIND allows remote attackers to cause a denial of service via a crafted DS resource record in an
answer. (CVE-2016-9444)

Vulnerability Impact:
An attacker may cause a denial of service condition.

Affected Software/OS:
Junos OS 12.1X46, 12.3X48 and 15.1X49.

Solution:
New builds of Junos OS software are available from Juniper. As a
workaround disable the DNS proxy service.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-2776
BugTraq ID: 93188
http://www.securityfocus.com/bid/93188
https://www.exploit-db.com/exploits/40453/
FreeBSD Security Advisory: FreeBSD-SA-16:34
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:28.bind.asc
https://security.gentoo.org/glsa/201610-07
RedHat Security Advisories: RHSA-2016:1944
http://rhn.redhat.com/errata/RHSA-2016-1944.html
RedHat Security Advisories: RHSA-2016:1945
http://rhn.redhat.com/errata/RHSA-2016-1945.html
RedHat Security Advisories: RHSA-2016:2099
http://rhn.redhat.com/errata/RHSA-2016-2099.html
http://www.securitytracker.com/id/1036903
Common Vulnerability Exposure (CVE) ID: CVE-2016-8864
BugTraq ID: 94067
http://www.securityfocus.com/bid/94067
Debian Security Information: DSA-3703 (Google Search)
http://www.debian.org/security/2016/dsa-3703
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:34.bind.asc
https://security.gentoo.org/glsa/201701-26
RedHat Security Advisories: RHSA-2016:2141
http://rhn.redhat.com/errata/RHSA-2016-2141.html
RedHat Security Advisories: RHSA-2016:2142
http://rhn.redhat.com/errata/RHSA-2016-2142.html
RedHat Security Advisories: RHSA-2016:2615
http://rhn.redhat.com/errata/RHSA-2016-2615.html
RedHat Security Advisories: RHSA-2016:2871
http://rhn.redhat.com/errata/RHSA-2016-2871.html
RedHat Security Advisories: RHSA-2017:1583
https://access.redhat.com/errata/RHSA-2017:1583
http://www.securitytracker.com/id/1037156
Common Vulnerability Exposure (CVE) ID: CVE-2016-9131
BugTraq ID: 95386
http://www.securityfocus.com/bid/95386
Debian Security Information: DSA-3758 (Google Search)
http://www.debian.org/security/2017/dsa-3758
https://security.gentoo.org/glsa/201708-01
RedHat Security Advisories: RHSA-2017:0062
http://rhn.redhat.com/errata/RHSA-2017-0062.html
http://www.securitytracker.com/id/1037582
Common Vulnerability Exposure (CVE) ID: CVE-2016-9147
BugTraq ID: 95390
http://www.securityfocus.com/bid/95390
RedHat Security Advisories: RHSA-2017:0063
http://rhn.redhat.com/errata/RHSA-2017-0063.html
RedHat Security Advisories: RHSA-2017:0064
http://rhn.redhat.com/errata/RHSA-2017-0064.html
RedHat Security Advisories: RHSA-2017:1582
https://access.redhat.com/errata/RHSA-2017:1582
Common Vulnerability Exposure (CVE) ID: CVE-2016-9444
BugTraq ID: 95393
http://www.securityfocus.com/bid/95393
CopyrightCopyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.