oval:org.mitre.oval:def:13728

Definition Id: oval:org.mitre.oval:def:13728

Oval ID:	oval:org.mitre.oval:def:13728
Title:	DSA-1961-1 bind9 -- DNS cache poisoning
Description:	Michael Sinatra discovered that the DNS resolver component in BIND does not properly check DNS records contained in additional sections of DNS responses, leading to a cache poisoning vulnerability. This vulnerability is only present in resolvers which have been configured with DNSSEC trust anchors, which is still rare. Note that this update contains an internal ABI change, which means that all BIND-related packages must be updated at the same time. In the unlikely event that you have compiled your own software against libdns, you must recompile this program, too. For the old stable distribution, this problem has been fixed in version 1:9.3.4-2etch6. For the stable distribution, this problem has been fixed in version 1:9.5.1.dfsg.P3-1+lenny1. For the unstable distribution and the testing distribution, this problem has been fixed in version 9.6.1.dfsg.P2-1. We recommend that you upgrade your bind9 packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1961-1 CVE-2009-4022	Version:	7
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	bind9
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Architecture section Architecture independent section Installed architecture is all AND ind9-doc DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 OR Architecture depended section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section libisc45 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND libisccc40 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND libisccfg40 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND libbind9-40 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND ind9 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND ind9utils DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND liblwres40 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND libbind-dev DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND libdns45 DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND ind9-host DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND nsutils DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 AND lwresd DPKG is earlier than 1:9.5.1.dfsg.P3-1+lenny1 OR Release section Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND ind9-doc DPKG is earlier than 1:9.3.4-2etch6 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section libbind-dev DPKG is earlier than 1:9.3.4-2etch6 AND libdns22 DPKG is earlier than 1:9.3.4-2etch6 AND libisccfg1 DPKG is earlier than 1:9.3.4-2etch6 AND libisccc0 DPKG is earlier than 1:9.3.4-2etch6 AND libisc11 DPKG is earlier than 1:9.3.4-2etch6 AND ind9 DPKG is earlier than 1:9.3.4-2etch6 AND libbind9-0 DPKG is earlier than 1:9.3.4-2etch6 AND ind9-host DPKG is earlier than 1:9.3.4-2etch6 AND nsutils DPKG is earlier than 1:9.3.4-2etch6 AND liblwres9 DPKG is earlier than 1:9.3.4-2etch6 AND lwresd DPKG is earlier than 1:9.3.4-2etch6

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:13728

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:13728

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0409s

Facebook rss twitter linkedin mail