Test ID:	1.3.6.1.4.1.25623.1.0.63274
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory for bind (SUSE-SA:2009:005)
Summary:	The remote host is missing updates announced in;advisory SUSE-SA:2009:005.
Description:	Summary: The remote host is missing updates announced in advisory SUSE-SA:2009:005. Vulnerability Insight: The DNS daemon bind is used to resolve and lookup addresses on the internet. Some month ago a vulnerability in the DNS protocol and its numbers was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifys the certification chain of a DNS- SEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0025 20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses http://www.securityfocus.com/archive/1/499827/100/0/threaded 20090120 rPSA-2009-0009-1 bind bind-utils http://www.securityfocus.com/archive/1/500207/100/0/threaded 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim http://www.securityfocus.com/archive/1/502322/100/0/threaded 250846 http://sunsolve.sun.com/search/document.do?assetkey=1-26-250846-1 33151 http://www.securityfocus.com/bid/33151 33494 http://secunia.com/advisories/33494 33546 http://secunia.com/advisories/33546 33551 http://secunia.com/advisories/33551 33559 http://secunia.com/advisories/33559 33683 http://secunia.com/advisories/33683 33882 http://secunia.com/advisories/33882 35074 http://secunia.com/advisories/35074 ADV-2009-0043 http://www.vupen.com/english/advisories/2009/0043 ADV-2009-0366 http://www.vupen.com/english/advisories/2009/0366 ADV-2009-0904 http://www.vupen.com/english/advisories/2009/0904 ADV-2009-1297 http://www.vupen.com/english/advisories/2009/1297 APPLE-SA-2009-05-12 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html FEDORA-2009-0350 https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00393.html FreeBSD-SA-09:04 http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc HPSBOV03226 http://marc.info/?l=bugtraq&m=141879471518471&w=2 SSA:2009-014-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.540362 SSRT101004 TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/49ef622c8329fd33 http://support.apple.com/kb/HT3549 http://support.avaya.com/elmodocs2/security/ASA-2009-045.htm http://wiki.rpath.com/Advisories:rPSA-2009-0009 http://www.ocert.org/advisories/ocert-2008-016.html http://www.openbsd.org/errata44.html#008_bind http://www.vmware.com/security/advisories/VMSA-2009-0004.html https://issues.rpath.com/browse/RPL-2938 https://www.isc.org/software/bind/advisories/cve-2009-0025 oval:org.mitre.oval:def:10879 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10879 oval:org.mitre.oval:def:5569 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5569
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.