Amazon Linux Local Security Checks : Amazon Linux: Security Advisory (ALAS-2015-465)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.120451

Categoría: Amazon Linux Local Security Checks

Título: Amazon Linux: Security Advisory (ALAS-2015-465)

Resumen: The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-465 advisory.

Descripción: Summary:
The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-465 advisory.

Vulnerability Insight:
A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500)

Affected Software/OS:
'bind' package(s) on Amazon Linux.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-8500
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
BugTraq ID: 71590
http://www.securityfocus.com/bid/71590
CERT/CC vulnerability note: VU#264212
http://www.kb.cert.org/vuls/id/264212
Debian Security Information: DSA-3094 (Google Search)
http://www.debian.org/security/2014/dsa-3094
http://security.gentoo.org/glsa/glsa-201502-03.xml
HPdes Security Advisory: HPSBUX03235
http://marc.info/?l=bugtraq&m=142180687100892&w=2
HPdes Security Advisory: HPSBUX03400
http://marc.info/?l=bugtraq&m=144000632319155&w=2
HPdes Security Advisory: SSRT101750
HPdes Security Advisory: SSRT102211
http://www.mandriva.com/security/advisories?name=MDVSA-2015:165
http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html
NETBSD Security Advisory: NetBSD-SA2015-002
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc
RedHat Security Advisories: RHSA-2016:0078
http://rhn.redhat.com/errata/RHSA-2016-0078.html
http://securitytracker.com/id?1031311
http://secunia.com/advisories/62064
http://secunia.com/advisories/62122
SuSE Security Announcement: SUSE-SU-2015:0011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:0096 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html
SuSE Security Announcement: SUSE-SU-2015:0480 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:0488 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html
SuSE Security Announcement: openSUSE-SU-2015:1250 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html
http://ubuntu.com/usn/usn-2437-1

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.120451
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2015-465)
Resumen:	The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-465 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-465 advisory. Vulnerability Insight: A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500) Affected Software/OS: 'bind' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8500 http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 71590 http://www.securityfocus.com/bid/71590 CERT/CC vulnerability note: VU#264212 http://www.kb.cert.org/vuls/id/264212 Debian Security Information: DSA-3094 (Google Search) http://www.debian.org/security/2014/dsa-3094 http://security.gentoo.org/glsa/glsa-201502-03.xml HPdes Security Advisory: HPSBUX03235 http://marc.info/?l=bugtraq&m=142180687100892&w=2 HPdes Security Advisory: HPSBUX03400 http://marc.info/?l=bugtraq&m=144000632319155&w=2 HPdes Security Advisory: SSRT101750 HPdes Security Advisory: SSRT102211 http://www.mandriva.com/security/advisories?name=MDVSA-2015:165 http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html NETBSD Security Advisory: NetBSD-SA2015-002 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html http://securitytracker.com/id?1031311 http://secunia.com/advisories/62064 http://secunia.com/advisories/62122 SuSE Security Announcement: SUSE-SU-2015:0011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html SuSE Security Announcement: SUSE-SU-2015:0096 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html SuSE Security Announcement: SUSE-SU-2015:0480 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html SuSE Security Announcement: SUSE-SU-2015:0488 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html SuSE Security Announcement: openSUSE-SU-2015:1250 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html http://ubuntu.com/usn/usn-2437-1
Copyright	Copyright (C) 2015 Greenbone AG