ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2015.349.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2015-349-01)
Resumen:	The remote host is missing an update for the 'bind' package(s) announced via the SSA:2015-349-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the SSA:2015-349-01 advisory. Vulnerability Insight: New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/bind-9.9.8_P2-x86_64-1_slack14.1.txz: Upgraded. This update fixes three security issues: Update allowed OpenSSL versions as named is potentially vulnerable to CVE-2015-3193. Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. (CVE-2015-8000) Address fetch context reference count handling error on socket error. (CVE-2015-8461) For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'bind' package(s) on Slackware 13.0, Slackware 13.1, Slackware 13.37, Slackware 14.0, Slackware 14.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3193 1034294 http://www.securitytracker.com/id/1034294 20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl 78705 http://www.securityfocus.com/bid/78705 91787 http://www.securityfocus.com/bid/91787 SSA:2015-349-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966 SSA:2015-349-04 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583 USN-2830-1 http://www.ubuntu.com/usn/USN-2830-1 http://fortiguard.com/advisory/openssl-advisory-december-2015 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://openssl.org/news/secadv/20151203.txt http://www.fortiguard.com/advisory/openssl-advisory-december-2015 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html https://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html https://bugzilla.redhat.com/show_bug.cgi?id=1288317 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=d73cc256c8e256c32ed959456101b73ba9842f72 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322 https://kb.isc.org/article/AA-01438 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100 Common Vulnerability Exposure (CVE) ID: CVE-2015-8000 BugTraq ID: 79349 http://www.securityfocus.com/bid/79349 Debian Security Information: DSA-3420 (Google Search) http://www.debian.org/security/2015/dsa-3420 http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174143.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174520.html HPdes Security Advisory: HPSBUX03552 http://marc.info/?l=bugtraq&m=145680832702035&w=2 HPdes Security Advisory: SSRT102983 http://packetstormsecurity.com/files/134882/FreeBSD-Security-Advisory-BIND-Denial-Of-Service.html RedHat Security Advisories: RHSA-2015:2655 http://rhn.redhat.com/errata/RHSA-2015-2655.html RedHat Security Advisories: RHSA-2015:2656 http://rhn.redhat.com/errata/RHSA-2015-2656.html RedHat Security Advisories: RHSA-2015:2658 http://rhn.redhat.com/errata/RHSA-2015-2658.html RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html RedHat Security Advisories: RHSA-2016:0079 http://rhn.redhat.com/errata/RHSA-2016-0079.html http://www.securitytracker.com/id/1034418 SuSE Security Announcement: SUSE-SU-2015:2340 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00027.html SuSE Security Announcement: SUSE-SU-2015:2341 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00028.html SuSE Security Announcement: SUSE-SU-2015:2359 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.html SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:2364 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.html SuSE Security Announcement: openSUSE-SU-2015:2365 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.html SuSE Security Announcement: openSUSE-SU-2015:2391 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.html http://www.ubuntu.com/usn/USN-2837-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-8461 BugTraq ID: 79347 http://www.securityfocus.com/bid/79347 http://www.securitytracker.com/id/1034419
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.