Test ID: 1.3.6.1.4.1.25623.1.1.2.2021.1396
Category: Huawei EulerOS Local Security Checks
Title: Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1396)
Summary: The remote host is missing an update for the Huawei EulerOS 'bind' package(s) announced via the EulerOS-SA-2021-1396 advisory.
Description:

Vulnerability Insight:
A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named process to crash or possibly perform remote code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-8625)

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets. (CVE-2016-9147)

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. (CVE-2017-3135)

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1 -> 9.9.10rc1, 9.10.4-P6, 9.10.5b1 -> 9.10.5rc1, 9.11.0-P3, 9.11.1b1 -> 9.11.1rc1, and 9.9.9-S8. (CVE-2017-3137)

apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record. (CVE-2015-8704)

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer. (CVE-2016-9444)

Affected Software/OS:
'bind' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2015-8704
BugTraq ID: 81329
http://www.securityfocus.com/bid/81329
Debian Security Information: DSA-3449
http://www.debian.org/security/2016/dsa-3449
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178045.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175973.html
FreeBSD Security Advisory: FreeBSD-SA-16:08
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:08.bind.asc
https://security.gentoo.org/glsa/201610-07
HPdes Security Advisory: HPSBUX03552
http://marc.info/?l=bugtraq&m=145680832702035&w=2
HPdes Security Advisory: SSRT102983
RedHat Security Advisories: RHSA-2016:0073
http://rhn.redhat.com/errata/RHSA-2016-0073.html
RedHat Security Advisories: RHSA-2016:0074
http://rhn.redhat.com/errata/RHSA-2016-0074.html
http://www.securitytracker.com/id/1034739
SuSE Security Announcement: SUSE-SU-2016:0174
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00019.html
SuSE Security Announcement: SUSE-SU-2016:0180
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:0200
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00024.html
SuSE Security Announcement: SUSE-SU-2016:0227
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html
SuSE Security Announcement: openSUSE-SU-2016:0197
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00022.html
SuSE Security Announcement: openSUSE-SU-2016:0199
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00023.html
SuSE Security Announcement: openSUSE-SU-2016:0204
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00025.html
http://www.ubuntu.com/usn/USN-2874-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-9147
BugTraq ID: 95390
http://www.securityfocus.com/bid/95390
Debian Security Information: DSA-3758
http://www.debian.org/security/2017/dsa-3758
https://security.gentoo.org/glsa/201708-01
RedHat Security Advisories: RHSA-2017:0062
http://rhn.redhat.com/errata/RHSA-2017-0062.html
RedHat Security Advisories: RHSA-2017:0063
http://rhn.redhat.com/errata/RHSA-2017-0063.html
RedHat Security Advisories: RHSA-2017:0064
http://rhn.redhat.com/errata/RHSA-2017-0064.html
RedHat Security Advisories: RHSA-2017:1582
https://access.redhat.com/errata/RHSA-2017:1582
RedHat Security Advisories: RHSA-2017:1583
https://access.redhat.com/errata/RHSA-2017:1583
http://www.securitytracker.com/id/1037582
Common Vulnerability Exposure (CVE) ID: CVE-2016-9444
BugTraq ID: 95393
http://www.securityfocus.com/bid/95393
Common Vulnerability Exposure (CVE) ID: CVE-2017-3135
BugTraq ID: 96150
http://www.securityfocus.com/bid/96150
Debian Security Information: DSA-3795
https://www.debian.org/security/2017/dsa-3795
RedHat Security Advisories: RHSA-2017:0276
http://rhn.redhat.com/errata/RHSA-2017-0276.html
http://www.securitytracker.com/id/1037801
Common Vulnerability Exposure (CVE) ID: CVE-2017-3137
BugTraq ID: 97651
http://www.securityfocus.com/bid/97651
Debian Security Information: DSA-3854
https://www.debian.org/security/2017/dsa-3854
RedHat Security Advisories: RHSA-2017:1095
https://access.redhat.com/errata/RHSA-2017:1095
RedHat Security Advisories: RHSA-2017:1105
https://access.redhat.com/errata/RHSA-2017:1105
http://www.securitytracker.com/id/1038258
http://www.securitytracker.com/id/1040195
Common Vulnerability Exposure (CVE) ID: CVE-2020-8625
https://kb.isc.org/v1/docs/cve-2020-8625
Debian Security Information: DSA-4857
https://www.debian.org/security/2021/dsa-4857
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QWCMBOSZOJIIET7BWTRYS3HLX5TSDKHX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYXAF7G45RXDVNUTWWCI2CVTHRZ67LST/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ/
https://www.zerodayinitiative.com/advisories/ZDI-21-195/
https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html
http://www.openwall.com/lists/oss-security/2021/02/19/1
http://www.openwall.com/lists/oss-security/2021/02/20/2
Copyright: Copyright (C) 2021 Greenbone Networks GmbH

© 1998-2022 E-Soft Inc. All rights reserved.