|Category:||Red Hat Local Security Checks|
|Title:||RedHat Update for bind RHSA-2017:1679-01|
|Summary:||The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory.|
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named), a resolver library (routines for applications to use when interfacing with DNS), and tools for verifying that the DNS server is operating correctly.

Security Fix(es):
* A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG(0) signature for a dynamic update request. (CVE-2017-3143)
* A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able to communicate with an authoritative BIND server, could use this flaw to view the entire contents of a zone by sending a specially constructed request packet. (CVE-2017-3142)

Red Hat would like to thank Internet Systems Consortium for reporting these issues. Upstream acknowledges Clement Berthaux (Synacktiv) as the original reporter of these issues.

Bug Fix(es):
* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK) rollover during October 2017. Maintaining an up-to-date KSK, by adding the new root zone KSK, is essential for ensuring that validating DNS resolvers continue to function following the rollover. (BZ#1458234)

bind on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)
Please install the updated packages.
Common Vulnerability Exposure (CVE) ID: CVE-2017-3142
BugTraq ID: 99339
Debian Security Information: DSA-3904
RedHat Security Advisories: RHSA-2017:1679
RedHat Security Advisories: RHSA-2017:1680
Common Vulnerability Exposure (CVE) ID: CVE-2017-3143
BugTraq ID: 99337
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|