Test ID:	1.3.6.1.4.1.25623.1.0.882424
Category:	CentOS Local Security Checks
Title:	CentOS Update for bind97 CESA-2016:0458 centos5
Summary:	Check the version of bind97
Description:	Summary: Check the version of bind97 Vulnerability Insight: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named) a resolver library (routines for applications to use when interfacing with DNS) and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash. (CVE-2016-1286) A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash. (CVE-2016-1285) Red Hat would like to thank ISC for reporting these issues. All bind97 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically. Affected Software/OS: bind97 on CentOS 5 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1285 Debian Security Information: DSA-3511 (Google Search) http://www.debian.org/security/2016/dsa-3511 http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html FreeBSD Security Advisory: FreeBSD-SA-16:13 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc https://security.gentoo.org/glsa/201610-07 HPdes Security Advisory: HPSBUX03583 http://marc.info/?l=bugtraq&m=146191105921542&w=2 HPdes Security Advisory: SSRT110084 RedHat Security Advisories: RHSA-2016:0562 http://rhn.redhat.com/errata/RHSA-2016-0562.html RedHat Security Advisories: RHSA-2016:0601 http://rhn.redhat.com/errata/RHSA-2016-0601.html http://www.securitytracker.com/id/1035236 SuSE Security Announcement: SUSE-SU-2016:0759 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html SuSE Security Announcement: SUSE-SU-2016:0780 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html SuSE Security Announcement: SUSE-SU-2016:0825 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html SuSE Security Announcement: SUSE-SU-2016:1541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html SuSE Security Announcement: openSUSE-SU-2016:0827 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html SuSE Security Announcement: openSUSE-SU-2016:0830 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html SuSE Security Announcement: openSUSE-SU-2016:0834 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html SuSE Security Announcement: openSUSE-SU-2016:0859 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html http://www.ubuntu.com/usn/USN-2925-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1286 http://www.securitytracker.com/id/1035237
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.