ID de Prueba:	1.3.6.1.4.1.25623.1.0.881311
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for bind CESA-2011:1496 centos4 x86_64
Resumen:	The remote host is missing an update for the 'bind'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory. Vulnerability Insight: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named), a resolver library (routines for applications to use when interfacing with DNS), and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically. Affected Software/OS: bind on CentOS 4 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4313 1026335 http://www.securitytracker.com/id?1026335 46536 http://secunia.com/advisories/46536 46829 http://secunia.com/advisories/46829 46887 http://secunia.com/advisories/46887 46890 http://secunia.com/advisories/46890 46905 http://secunia.com/advisories/46905 46906 http://secunia.com/advisories/46906 46943 http://secunia.com/advisories/46943 46984 http://secunia.com/advisories/46984 47043 http://secunia.com/advisories/47043 47075 http://secunia.com/advisories/47075 48308 http://secunia.com/advisories/48308 50690 http://www.securityfocus.com/bid/50690 77159 http://osvdb.org/77159 APPLE-SA-2012-09-19-2 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html DSA-2347 http://www.debian.org/security/2011/dsa-2347 FEDORA-2011-16002 http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html FEDORA-2011-16036 http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html FEDORA-2011-16057 http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html FreeBSD-SA-11:06 http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc HPSBOV02774 http://marc.info/?l=bugtraq&m=133978480208466&w=2 HPSBOV03226 http://marc.info/?l=bugtraq&m=141879471518471&w=2 HPSBUX02729 http://marc.info/?l=bugtraq&m=132310123002302&w=2 IV11106 http://www-01.ibm.com/support/docview.wss?uid=isg1IV11106 IV11248 http://www.ibm.com/support/docview.wss?uid=isg1IV11248 MDVSA-2011:176 http://www.mandriva.com/security/advisories?name=MDVSA-2011:176 RHSA-2011:1458 http://www.redhat.com/support/errata/RHSA-2011-1458.html RHSA-2011:1459 http://www.redhat.com/support/errata/RHSA-2011-1459.html RHSA-2011:1496 http://www.redhat.com/support/errata/RHSA-2011-1496.html SSRT100684 SSRT100687 SSRT101004 SUSE-SU-2011:1268 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html SUSE-SU-2011:1270 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00028.html USN-1264-1 http://www.ubuntu.com/usn/USN-1264-1 VU#606539 http://www.kb.cert.org/vuls/id/606539 http://blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of http://support.apple.com/kb/HT5501 http://www.isc.org/software/bind/advisories/cve-2011-4313 isc-bind-recursive-dos(71332) https://exchange.xforce.ibmcloud.com/vulnerabilities/71332 openSUSE-SU-2011:1272 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html oval:org.mitre.oval:def:14343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14343
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.