ID de Prueba:	1.3.6.1.4.1.25623.1.0.120621
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2015-631)
Resumen:	The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-631 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2015-631 advisory. Vulnerability Insight: An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible and could be used as a denial-of-service vector against servers performing recursive queries. (CVE-2015-8000) CVE-2015-8461 was also issued today for bind, but the Amazon Linux AMI's version of bind is not impacted by that CVE. Affected Software/OS: 'bind' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8000 BugTraq ID: 79349 http://www.securityfocus.com/bid/79349 Debian Security Information: DSA-3420 (Google Search) http://www.debian.org/security/2015/dsa-3420 http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174143.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174520.html HPdes Security Advisory: HPSBUX03552 http://marc.info/?l=bugtraq&m=145680832702035&w=2 HPdes Security Advisory: SSRT102983 http://packetstormsecurity.com/files/134882/FreeBSD-Security-Advisory-BIND-Denial-Of-Service.html RedHat Security Advisories: RHSA-2015:2655 http://rhn.redhat.com/errata/RHSA-2015-2655.html RedHat Security Advisories: RHSA-2015:2656 http://rhn.redhat.com/errata/RHSA-2015-2656.html RedHat Security Advisories: RHSA-2015:2658 http://rhn.redhat.com/errata/RHSA-2015-2658.html RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html RedHat Security Advisories: RHSA-2016:0079 http://rhn.redhat.com/errata/RHSA-2016-0079.html http://www.securitytracker.com/id/1034418 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966 SuSE Security Announcement: SUSE-SU-2015:2340 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00027.html SuSE Security Announcement: SUSE-SU-2015:2341 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00028.html SuSE Security Announcement: SUSE-SU-2015:2359 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.html SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:2364 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.html SuSE Security Announcement: openSUSE-SU-2015:2365 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.html SuSE Security Announcement: openSUSE-SU-2015:2391 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.html http://www.ubuntu.com/usn/USN-2837-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.