ID de Prueba:	1.3.6.1.4.1.25623.1.0.881421
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for bind CESA-2010:1000 centos4 x86_64
Resumen:	The remote host is missing an update for the 'bind'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory. Vulnerability Insight: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named), a resolver library (routines for applications to use when interfacing with DNS), and tools for verifying that the DNS server is operating correctly. It was discovered that named did not invalidate previously cached SIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named. (CVE-2010-3613) All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically. Affected Software/OS: bind on CentOS 4 Solution: Please install the updated packages. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3613 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html BugTraq ID: 45133 http://www.securityfocus.com/bid/45133 Bugtraq: 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. (Google Search) http://www.securityfocus.com/archive/1/516909/100/0/threaded CERT/CC vulnerability note: VU#706148 http://www.kb.cert.org/vuls/id/706148 Debian Security Information: DSA-2130 (Google Search) http://www.debian.org/security/2010/dsa-2130 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html HPdes Security Advisory: HPSBUX02655 http://marc.info/?l=bugtraq&m=130270720601677&w=2 HPdes Security Advisory: SSRT100353 http://www.mandriva.com/security/advisories?name=MDVSA-2010:253 http://lists.vmware.com/pipermail/security-announce/2011/000126.html NETBSD Security Advisory: NetBSD-SA2011-001 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc http://www.osvdb.org/69558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601 http://www.redhat.com/support/errata/RHSA-2010-0975.html http://www.redhat.com/support/errata/RHSA-2010-0976.html http://www.redhat.com/support/errata/RHSA-2010-1000.html http://securitytracker.com/id?1024817 http://secunia.com/advisories/42374 http://secunia.com/advisories/42459 http://secunia.com/advisories/42522 http://secunia.com/advisories/42671 http://secunia.com/advisories/42707 http://secunia.com/advisories/43141 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190 http://www.ubuntu.com/usn/USN-1025-1 http://www.vupen.com/english/advisories/2010/3102 http://www.vupen.com/english/advisories/2010/3103 http://www.vupen.com/english/advisories/2010/3138 http://www.vupen.com/english/advisories/2010/3139 http://www.vupen.com/english/advisories/2010/3140 http://www.vupen.com/english/advisories/2011/0267 http://www.vupen.com/english/advisories/2011/0606
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.