Test ID:	1.3.6.1.4.1.25623.1.0.882280
Category:	CentOS Local Security Checks
Title:	CentOS Update for bind CESA-2015:1705 centos6
Summary:	Check the version of bind
Description:	Summary: Check the version of bind Vulnerability Insight: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named) a resolver library (routines for applications to use when interfacing with DNS) and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash. (CVE-2015-5722) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Hanno Bock as the original reporter. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. Affected Software/OS: bind on CentOS 6 Solution: Please install the updated packages. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5722 http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html BugTraq ID: 76605 http://www.securityfocus.com/bid/76605 Debian Security Information: DSA-3350 (Google Search) http://www.debian.org/security/2015/dsa-3350 http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165996.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168686.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165750.html https://security.gentoo.org/glsa/201510-01 HPdes Security Advisory: HPSBUX03511 http://marc.info/?l=bugtraq&m=144294073801304&w=2 HPdes Security Advisory: SSRT102248 RedHat Security Advisories: RHSA-2015:1705 http://rhn.redhat.com/errata/RHSA-2015-1705.html RedHat Security Advisories: RHSA-2015:1706 http://rhn.redhat.com/errata/RHSA-2015-1706.html RedHat Security Advisories: RHSA-2015:1707 http://rhn.redhat.com/errata/RHSA-2015-1707.html RedHat Security Advisories: RHSA-2016:0078 http://rhn.redhat.com/errata/RHSA-2016-0078.html RedHat Security Advisories: RHSA-2016:0079 http://rhn.redhat.com/errata/RHSA-2016-0079.html http://www.securitytracker.com/id/1033452 SuSE Security Announcement: SUSE-SU-2015:1480 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00005.html SuSE Security Announcement: SUSE-SU-2015:1481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00006.html SuSE Security Announcement: SUSE-SU-2015:1496 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html SuSE Security Announcement: SUSE-SU-2016:0227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:1597 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html SuSE Security Announcement: openSUSE-SU-2015:1667 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00002.html http://www.ubuntu.com/usn/USN-2728-1
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.