Denial of Service : ISC BIND Delegation Handling Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.806080

Categoría: Denial of Service

Título: ISC BIND Delegation Handling Denial of Service Vulnerability

Resumen: ISC BIND is prone to a denial of service vulnerability.

Descripción: Summary:
ISC BIND is prone to a denial of service vulnerability.

Vulnerability Insight:
The flaw exists because ISC BIND does not handle
delegation chaining properly.

Vulnerability Impact:
Successful exploitation will allow attackers
to cause a denial of service for clients.

Affected Software/OS:
ISC BIND versions 9.0.x through 9.8.x,
9.9.0 through 9.9.6, and 9.10.0 through 9.10.1.

Solution:
Update to ISC BIND version 9.9.6-p1 or
9.10.1-p1 or later for branches of BIND (9.9 and 9.10).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-8500
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
BugTraq ID: 71590
http://www.securityfocus.com/bid/71590
CERT/CC vulnerability note: VU#264212
http://www.kb.cert.org/vuls/id/264212
Debian Security Information: DSA-3094 (Google Search)
http://www.debian.org/security/2014/dsa-3094
http://security.gentoo.org/glsa/glsa-201502-03.xml
HPdes Security Advisory: HPSBUX03235
http://marc.info/?l=bugtraq&m=142180687100892&w=2
HPdes Security Advisory: HPSBUX03400
http://marc.info/?l=bugtraq&m=144000632319155&w=2
HPdes Security Advisory: SSRT101750
HPdes Security Advisory: SSRT102211
http://www.mandriva.com/security/advisories?name=MDVSA-2015:165
http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html
NETBSD Security Advisory: NetBSD-SA2015-002
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc
RedHat Security Advisories: RHSA-2016:0078
http://rhn.redhat.com/errata/RHSA-2016-0078.html
http://securitytracker.com/id?1031311
http://secunia.com/advisories/62064
http://secunia.com/advisories/62122
SuSE Security Announcement: SUSE-SU-2015:0011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:0096 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html
SuSE Security Announcement: SUSE-SU-2015:0480 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:0488 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html
SuSE Security Announcement: openSUSE-SU-2015:1250 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html
http://ubuntu.com/usn/usn-2437-1

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.806080
Categoría:	Denial of Service
Título:	ISC BIND Delegation Handling Denial of Service Vulnerability
Resumen:	ISC BIND is prone to a denial of service vulnerability.
Descripción:	Summary: ISC BIND is prone to a denial of service vulnerability. Vulnerability Insight: The flaw exists because ISC BIND does not handle delegation chaining properly. Vulnerability Impact: Successful exploitation will allow attackers to cause a denial of service for clients. Affected Software/OS: ISC BIND versions 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1. Solution: Update to ISC BIND version 9.9.6-p1 or 9.10.1-p1 or later for branches of BIND (9.9 and 9.10). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8500 http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 71590 http://www.securityfocus.com/bid/71590 CERT/CC vulnerability note: VU#264212 http://www.kb.cert.org/vuls/id/264212 Debian Security Information: DSA-3094 (Google Search) http://www.debian.org/security/2014/dsa-3094 http://security.gentoo.org/glsa/glsa-201502-03.xml HPdes Security Advisory: HPSBUX03235 http://marc.info/?l=bugtraq&m=142180687100892&w=2 HPdes Security Advisory: HPSBUX03400 http://marc.info/?l=bugtraq&m=144000632319155&w=2 HPdes Security Advisory: SSRT101750 HPdes Security Advisory: SSRT102211 http://www.mandriva.com/security/advisories?name=MDVSA-2015:165 http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html NETBSD Security Advisory: NetBSD-SA2015-002 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html http://securitytracker.com/id?1031311 http://secunia.com/advisories/62064 http://secunia.com/advisories/62122 SuSE Security Announcement: SUSE-SU-2015:0011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html SuSE Security Announcement: SUSE-SU-2015:0096 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html SuSE Security Announcement: SUSE-SU-2015:0480 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html SuSE Security Announcement: SUSE-SU-2015:0488 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html SuSE Security Announcement: openSUSE-SU-2015:1250 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html http://ubuntu.com/usn/usn-2437-1
Copyright	Copyright (C) 2015 Greenbone AG