PorkBind updated to 1.3.

PorkBind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings. (i.e. sub.host.dom’s nameservers then host.dom’s nameservers) After acquiring the version strings it tests them against version numbers from CERT advisories and reports back to the user. Zone transfer capability is also tested for

The new release comes with some changes. I’ve exchanged some emails with the tool’s author (Derek Callaway) and made him a request (add CVE Ids).

Now the tool scans for 14 flaws and reports CVE numbers. For those who wants to get more info about the vulnerabilities associated with their OVAL ID, CVSS v2, CPE, CWE just past the CVE into the link
http://www.security-database.com./detail.php?alert=YOUR-CVE-HERE.

The main list of CVE’s reported by PorkBind could be reached here

Changes :

  • Wrote in-a-bind shell script that scans random domain names from DMOZ
    Implemented recursive query testing
  • Changed porkbind.conf to use CVE numbers in addition to CERT alerts
  • Modified text displayed on stdout to make it more parsable
  • Licensed with GNU Lesser General Public License
  • Fixed timeout/concurrency/memory corruption bugs
  • Fixed improper comparison of alpha/beta version numbering bug
  • Added typecasts to silence compiler warnings

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Comments

Related Articles

Configurations checks
PorkBind
Vulnerability Scanner