ID de Prueba:	1.3.6.1.4.1.25623.1.0.120655
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2016-665)
Resumen:	The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2016-665 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the ALAS-2016-665 advisory. Vulnerability Insight: A defect in control channel input handling was discovered which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel. If control channel input is accepted from the network (limited to localhost by default), an unauthenticated attacker could cause named to crash. (CVE-2016-1285) An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. An attacker able to cause a server to make a query deliberately chosen to generate a malicious response can cause named to stop execution with an assertion failure, resulting in denial of service to clients. (CVE-2016-1286) Affected Software/OS: 'bind' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1285 Debian Security Information: DSA-3511 (Google Search) http://www.debian.org/security/2016/dsa-3511 http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html FreeBSD Security Advisory: FreeBSD-SA-16:13 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc https://security.gentoo.org/glsa/201610-07 HPdes Security Advisory: HPSBUX03583 http://marc.info/?l=bugtraq&m=146191105921542&w=2 HPdes Security Advisory: SSRT110084 RedHat Security Advisories: RHSA-2016:0562 http://rhn.redhat.com/errata/RHSA-2016-0562.html RedHat Security Advisories: RHSA-2016:0601 http://rhn.redhat.com/errata/RHSA-2016-0601.html http://www.securitytracker.com/id/1035236 SuSE Security Announcement: SUSE-SU-2016:0759 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html SuSE Security Announcement: SUSE-SU-2016:0780 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html SuSE Security Announcement: SUSE-SU-2016:0825 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html SuSE Security Announcement: SUSE-SU-2016:1541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html SuSE Security Announcement: openSUSE-SU-2016:0827 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html SuSE Security Announcement: openSUSE-SU-2016:0830 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html SuSE Security Announcement: openSUSE-SU-2016:0834 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html SuSE Security Announcement: openSUSE-SU-2016:0859 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html http://www.ubuntu.com/usn/USN-2925-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1286 http://www.securitytracker.com/id/1035237
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.