ID de Prueba:	1.3.6.1.4.1.25623.1.0.120089
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2015-594)
Resumen:	The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-594 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-594 advisory. Vulnerability Insight: As discussed upstream, parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a deliberately malformed key. (CVE-2015-5722) Also disclosed upstream today was CVE-2015-5986 which does not impact the version of bind in the Amazon Linux AMI. Affected Software/OS: 'bind' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5722 http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html BugTraq ID: 76605 http://www.securityfocus.com/bid/76605 Debian Security Information: DSA-3350 (Google Search) http://www.debian.org/security/2015/dsa-3350 http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165996.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168686.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165750.html https://security.gentoo.org/glsa/201510-01 HPdes Security Advisory: HPSBUX03511 http://marc.info/?l=bugtraq&m=144294073801304&w=2 HPdes Security Advisory: SSRT102248 RedHat Security Advisories: RHSA-2015:1705 http://rhn.redhat.com/errata/RHSA-2015-1705.html RedHat Security Advisories: RHSA-2015:1706 http://rhn.redhat.com/errata/RHSA-2015-1706.html RedHat Security Advisories: RHSA-2015:1707 http://rhn.redhat.com/errata/RHSA-2015-1707.html RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html RedHat Security Advisories: RHSA-2016:0079 http://rhn.redhat.com/errata/RHSA-2016-0079.html http://www.securitytracker.com/id/1033452 SuSE Security Announcement: SUSE-SU-2015:1480 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00005.html SuSE Security Announcement: SUSE-SU-2015:1481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00006.html SuSE Security Announcement: SUSE-SU-2015:1496 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:1597 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html SuSE Security Announcement: openSUSE-SU-2015:1667 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00002.html http://www.ubuntu.com/usn/USN-2728-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.