English | Deutsch | Español | Português
 UserID:
 Passwd:
 new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   		     Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.835007
Category:HP-UX Local Security Checks
Title:HP-UX Update for BIND v920 HPSBUX00290
Summary:Check for the Version of BIND v920
Description:

Vulnerability Insight:
1. Certain ASN.1 encodings that are rejected as invalidby the parser can
trigger a bug in the deallocationof the corresponding data structure,
corrupting thestack. This can be used as a denial of serviceattack. It is
currently unknown whether this can beexploited to run malicious code. This
issue does notaffect OpenSSL 0.9.6. an out of boundsread under certain circumstances, resulting in adenial of
service vulnerability. crashthe verify code if it is set to ignore public keydecoding errors.
Exploitation of an affectedapplication would result in a denial of
servicevulnerability. handling,a server will parse a client certificate when one isnot
specifically requested.

Impact:
Remote Denial of Service (DoS)

Affected Software/OS:
BIND v920 on
HP-UX B.11.00, B.11.11, B.11.22, and B.11.23, running BINDv920.

Fix: Please Install the Updated Packages.

References:
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00901847-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2003-0543
http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm
http://www.redhat.com/support/errata/RHSA-2003-291.html
http://www.redhat.com/support/errata/RHSA-2003-292.html
En Garde Linux Advisory: ESA-20030930-027
http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html
Debian Security Information: DSA-393 (Google Search)
http://www.debian.org/security/2003/dsa-393
Debian Security Information: DSA-394 (Google Search)
http://www.debian.org/security/2003/dsa-394
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1
http://www.cert.org/advisories/CA-2003-26.html
CERT/CC vulnerability note: VU#255484
http://www.kb.cert.org/vuls/id/255484
BugTraq ID: 8732
http://www.securityfocus.com/bid/8732
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5292
http://www.vupen.com/english/advisories/2006/3900
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4254
http://secunia.com/advisories/22249
Common Vulnerability Exposure (CVE) ID: CVE-2003-0544
CERT/CC vulnerability note: VU#380864
http://www.kb.cert.org/vuls/id/380864
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4574
XForce ISS Database: openssl-asn1-sslclient-dos(43041)
http://xforce.iss.net/xforce/xfdb/43041
Common Vulnerability Exposure (CVE) ID: CVE-2003-0545
CERT/CC vulnerability note: VU#935264
http://www.kb.cert.org/vuls/id/935264
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2590
CopyrightCopyright (C) 2009 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  
 Forgot userid or passwd?
Email/Userid:



Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2013 E-Soft Inc. All rights reserved.