English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75803 CVE descriptions
and 40037 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66661
Category:FreeBSD Local Security Checks
Title:FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)
Summary:FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)
Description:The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-10:01.bind.asc

BIND 9 is an implementation of the Domain Name System (DNS) protocols.
The named(8) daemon is an Internet Domain Name Server.

DNS Security Extensions (DNSSEC) provides data integrity, origin
authentication and authenticated denial of existence to resolvers.

If a client requests DNSSEC records with the Checking Disabled (CD) flag
set, BIND may cache the unvalidated responses. These responses may later
be returned to another client that has not set the CD flag.

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date

http://www.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:01.bind.asc
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4022
http://www.openwall.com/lists/oss-security/2009/11/24/2
http://www.openwall.com/lists/oss-security/2009/11/24/8
http://www.openwall.com/lists/oss-security/2009/11/24/1
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
AIX APAR: IZ68597
http://www.ibm.com/support/docview.wss?uid=isg1IZ68597
AIX APAR: IZ71667
http://www.ibm.com/support/docview.wss?uid=isg1IZ71667
AIX APAR: IZ71774
http://www.ibm.com/support/docview.wss?uid=isg1IZ71774
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:304
http://www.redhat.com/support/errata/RHSA-2009-1620.html
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1
http://www.ubuntu.com/usn/USN-888-1
CERT/CC vulnerability note: VU#418861
http://www.kb.cert.org/vuls/id/418861
BugTraq ID: 37118
http://www.securityfocus.com/bid/37118
http://osvdb.org/60493
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10821
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7459
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11745
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7261
http://secunia.com/advisories/37491
http://secunia.com/advisories/37426
http://secunia.com/advisories/38219
http://secunia.com/advisories/38240
http://secunia.com/advisories/39334
http://secunia.com/advisories/38794
http://secunia.com/advisories/38834
http://secunia.com/advisories/40730
http://www.vupen.com/english/advisories/2009/3335
http://www.vupen.com/english/advisories/2010/0176
http://www.vupen.com/english/advisories/2010/0622
http://www.vupen.com/english/advisories/2010/0528
XForce ISS Database: bind-dnssec-cache-poisoning(54416)
http://xforce.iss.net/xforce/xfdb/54416
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.