Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57991
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0044
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0044.

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.

A flaw was found in the way BIND processed certain DNS query responses. On
servers that had enabled DNSSEC validation, this could allow an remote
attacker to cause a denial of service. (CVE-2007-0494)

For users of Red Hat Enterprise Linux 3, the previous BIND update caused an
incompatible change to the default configuration that resulted in rndc not
sharing the key with the named daemon. This update corrects this bug and
restores the behavior prior to that update.

Updating the bind package in Red Hat Enterprise Linux 3 could result in
nonfunctional configuration in case the bind-libs package was not updated.
This update corrects this bug by adding the correct dependency on bind-libs.

Users of BIND are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0044.html
http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Medium

CVSS Score:
4.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-0494
AIX APAR: IY95618
http://www-1.ibm.com/support/docview.wss?uid=isg1IY95618
AIX APAR: IY95619
http://www-1.ibm.com/support/docview.wss?uid=isg1IY95619
AIX APAR: IY96144
http://www-1.ibm.com/support/docview.wss?uid=isg1IY96144
AIX APAR: IY96324
http://www-1.ibm.com/support/docview.wss?uid=isg1IY96324
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
BugTraq ID: 22231
http://www.securityfocus.com/bid/22231
Debian Security Information: DSA-1254 (Google Search)
http://www.debian.org/security/2007/dsa-1254
http://fedoranews.org/cms/node/2507
http://fedoranews.org/cms/node/2537
FreeBSD Security Advisory: FreeBSD-SA-07:02
http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://security.gentoo.org/glsa/glsa-200702-06.xml
HPdes Security Advisory: HPSBTU02207
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
HPdes Security Advisory: HPSBUX02219
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
HPdes Security Advisory: SSRT061213
HPdes Security Advisory: SSRT061239
HPdes Security Advisory: SSRT061273
HPdes Security Advisory: SSRT071304
http://www.mandriva.com/security/advisories?name=MDKSA-2007:030
http://marc.info/?l=bind-announce&m=116968519300764&w=2
NETBSD Security Advisory: NetBSD-SA2007-003
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11523
http://www.redhat.com/support/errata/RHSA-2007-0044.html
http://www.redhat.com/support/errata/RHSA-2007-0057.html
http://securitytracker.com/id?1017573
http://secunia.com/advisories/23904
http://secunia.com/advisories/23924
http://secunia.com/advisories/23943
http://secunia.com/advisories/23944
http://secunia.com/advisories/23972
http://secunia.com/advisories/23974
http://secunia.com/advisories/23977
http://secunia.com/advisories/24014
http://secunia.com/advisories/24048
http://secunia.com/advisories/24054
http://secunia.com/advisories/24083
http://secunia.com/advisories/24129
http://secunia.com/advisories/24203
http://secunia.com/advisories/24284
http://secunia.com/advisories/24648
http://secunia.com/advisories/24930
http://secunia.com/advisories/24950
http://secunia.com/advisories/25402
http://secunia.com/advisories/25482
http://secunia.com/advisories/25649
http://secunia.com/advisories/25715
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
SGI Security Advisory: 20070201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1
SuSE Security Announcement: SUSE-SA:2007:014 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html
http://www.trustix.org/errata/2007/0005
http://www.ubuntu.com/usn/usn-418-1
http://www.vupen.com/english/advisories/2007/1401
http://www.vupen.com/english/advisories/2007/1939
http://www.vupen.com/english/advisories/2007/2002
http://www.vupen.com/english/advisories/2007/2163
http://www.vupen.com/english/advisories/2007/2245
http://www.vupen.com/english/advisories/2007/2315
http://www.vupen.com/english/advisories/2007/3229
XForce ISS Database: bind-rrsets-dos(31838)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31838
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.