|Category:||CentOS Local Security Checks|
|Title:||CentOS: Security Advisory for bind (CESA-2020:2344)|
|Summary:||The remote host is missing an update for the 'bind'; package(s) announced via the CESA-2020:2344 advisory.|
The remote host is missing an update for the 'bind'
package(s) announced via the CESA-2020:2344 advisory.
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named), a resolver
library (routines for applications to use when interfacing with DNS), and
tools for verifying that the DNS server is operating correctly.
* bind: BIND does not sufficiently limit the number of fetches performed
when processing referrals (CVE-2020-8616)
* bind: A logic error in code which checks TSIG validity can be used to
trigger an assertion failure in tsig.c (CVE-2020-8617)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
'bind' package(s) on CentOS 7.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-8616|
Debian Security Information: DSA-4689 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-8617
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.