Test ID:	1.3.6.1.4.1.25623.1.0.703511
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-3511-1)
Summary:	The remote host is missing an update for the Debian 'bind9' package(s) announced via the DSA-3511-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'bind9' package(s) announced via the DSA-3511-1 advisory. Vulnerability Insight: Two vulnerabilities have been discovered in ISC's BIND DNS server. CVE-2016-1285 A maliciously crafted rdnc, a way to remotely administer a BIND server, operation can cause named to crash, resulting in denial of service. CVE-2016-1286 An error parsing DNAME resource records can cause named to crash, resulting in denial of service. For the oldstable distribution (wheezy), these problems have been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u10. For the stable distribution (jessie), these problems have been fixed in version 1:9.9.5.dfsg-9+deb8u6. For the testing (stretch) and unstable (sid) distributions, these problems will be fixed soon. We recommend that you upgrade your bind9 packages. Affected Software/OS: 'bind9' package(s) on Debian 7, Debian 8. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1285 Debian Security Information: DSA-3511 (Google Search) http://www.debian.org/security/2016/dsa-3511 http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html FreeBSD Security Advisory: FreeBSD-SA-16:13 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc https://security.gentoo.org/glsa/201610-07 HPdes Security Advisory: HPSBUX03583 http://marc.info/?l=bugtraq&m=146191105921542&w=2 HPdes Security Advisory: SSRT110084 RedHat Security Advisories: RHSA-2016:0562 http://rhn.redhat.com/errata/RHSA-2016-0562.html RedHat Security Advisories: RHSA-2016:0601 http://rhn.redhat.com/errata/RHSA-2016-0601.html http://www.securitytracker.com/id/1035236 SuSE Security Announcement: SUSE-SU-2016:0759 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html SuSE Security Announcement: SUSE-SU-2016:0780 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html SuSE Security Announcement: SUSE-SU-2016:0825 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html SuSE Security Announcement: SUSE-SU-2016:1541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html SuSE Security Announcement: openSUSE-SU-2016:0827 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html SuSE Security Announcement: openSUSE-SU-2016:0830 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html SuSE Security Announcement: openSUSE-SU-2016:0834 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html SuSE Security Announcement: openSUSE-SU-2016:0859 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html http://www.ubuntu.com/usn/USN-2925-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1286 http://www.securitytracker.com/id/1035237
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.