Slackware Local Security Checks : Slackware: Security Advisory (SSA:2010-350-01)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68667

Categoría: Slackware Local Security Checks

Título: Slackware: Security Advisory (SSA:2010-350-01)

Resumen: The remote host is missing an update for the 'bind' package(s) announced via the SSA:2010-350-01 advisory.

Descripción: Summary:
The remote host is missing an update for the 'bind' package(s) announced via the SSA:2010-350-01 advisory.

Vulnerability Insight:
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that
could allow attackers to successfully query private DNS records, or cause a
denial of service.

Here are the details from the Slackware 13.1 ChangeLog:
+--------------------------+
patches/packages/bind-9.4_ESV_R4-i486-1_slack13.1.txz: Upgraded.
This update fixes some security issues.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'bind' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3613
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
BugTraq ID: 45133
http://www.securityfocus.com/bid/45133
Bugtraq: 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. (Google Search)
http://www.securityfocus.com/archive/1/516909/100/0/threaded
CERT/CC vulnerability note: VU#706148
http://www.kb.cert.org/vuls/id/706148
Debian Security Information: DSA-2130 (Google Search)
http://www.debian.org/security/2010/dsa-2130
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html
HPdes Security Advisory: HPSBUX02655
http://marc.info/?l=bugtraq&m=130270720601677&w=2
HPdes Security Advisory: SSRT100353
http://www.mandriva.com/security/advisories?name=MDVSA-2010:253
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
NETBSD Security Advisory: NetBSD-SA2011-001
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc
http://www.osvdb.org/69558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601
http://www.redhat.com/support/errata/RHSA-2010-0975.html
http://www.redhat.com/support/errata/RHSA-2010-0976.html
http://www.redhat.com/support/errata/RHSA-2010-1000.html
http://securitytracker.com/id?1024817
http://secunia.com/advisories/42374
http://secunia.com/advisories/42459
http://secunia.com/advisories/42522
http://secunia.com/advisories/42671
http://secunia.com/advisories/42707
http://secunia.com/advisories/43141
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
http://www.ubuntu.com/usn/USN-1025-1
http://www.vupen.com/english/advisories/2010/3102
http://www.vupen.com/english/advisories/2010/3103
http://www.vupen.com/english/advisories/2010/3138
http://www.vupen.com/english/advisories/2010/3139
http://www.vupen.com/english/advisories/2010/3140
http://www.vupen.com/english/advisories/2011/0267
http://www.vupen.com/english/advisories/2011/0606
Common Vulnerability Exposure (CVE) ID: CVE-2010-3614
BugTraq ID: 45137
http://www.securityfocus.com/bid/45137
CERT/CC vulnerability note: VU#837744
http://www.kb.cert.org/vuls/id/837744
http://www.osvdb.org/69559
http://secunia.com/advisories/42435
Common Vulnerability Exposure (CVE) ID: CVE-2010-3615
BugTraq ID: 45134
http://www.securityfocus.com/bid/45134
CERT/CC vulnerability note: VU#510208
http://www.kb.cert.org/vuls/id/510208
http://osvdb.org/69568
http://secunia.com/advisories/42458

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68667
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2010-350-01)
Resumen:	The remote host is missing an update for the 'bind' package(s) announced via the SSA:2010-350-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the SSA:2010-350-01 advisory. Vulnerability Insight: New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that could allow attackers to successfully query private DNS records, or cause a denial of service. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/bind-9.4_ESV_R4-i486-1_slack13.1.txz: Upgraded. This update fixes some security issues. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'bind' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3613 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html BugTraq ID: 45133 http://www.securityfocus.com/bid/45133 Bugtraq: 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. (Google Search) http://www.securityfocus.com/archive/1/516909/100/0/threaded CERT/CC vulnerability note: VU#706148 http://www.kb.cert.org/vuls/id/706148 Debian Security Information: DSA-2130 (Google Search) http://www.debian.org/security/2010/dsa-2130 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html HPdes Security Advisory: HPSBUX02655 http://marc.info/?l=bugtraq&m=130270720601677&w=2 HPdes Security Advisory: SSRT100353 http://www.mandriva.com/security/advisories?name=MDVSA-2010:253 http://lists.vmware.com/pipermail/security-announce/2011/000126.html NETBSD Security Advisory: NetBSD-SA2011-001 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc http://www.osvdb.org/69558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601 http://www.redhat.com/support/errata/RHSA-2010-0975.html http://www.redhat.com/support/errata/RHSA-2010-0976.html http://www.redhat.com/support/errata/RHSA-2010-1000.html http://securitytracker.com/id?1024817 http://secunia.com/advisories/42374 http://secunia.com/advisories/42459 http://secunia.com/advisories/42522 http://secunia.com/advisories/42671 http://secunia.com/advisories/42707 http://secunia.com/advisories/43141 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190 http://www.ubuntu.com/usn/USN-1025-1 http://www.vupen.com/english/advisories/2010/3102 http://www.vupen.com/english/advisories/2010/3103 http://www.vupen.com/english/advisories/2010/3138 http://www.vupen.com/english/advisories/2010/3139 http://www.vupen.com/english/advisories/2010/3140 http://www.vupen.com/english/advisories/2011/0267 http://www.vupen.com/english/advisories/2011/0606 Common Vulnerability Exposure (CVE) ID: CVE-2010-3614 BugTraq ID: 45137 http://www.securityfocus.com/bid/45137 CERT/CC vulnerability note: VU#837744 http://www.kb.cert.org/vuls/id/837744 http://www.osvdb.org/69559 http://secunia.com/advisories/42435 Common Vulnerability Exposure (CVE) ID: CVE-2010-3615 BugTraq ID: 45134 http://www.securityfocus.com/bid/45134 CERT/CC vulnerability note: VU#510208 http://www.kb.cert.org/vuls/id/510208 http://osvdb.org/69568 http://secunia.com/advisories/42458
Copyright	Copyright (C) 2012 Greenbone AG