9.4 - TA08-190A

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Microsoft Updates for Multiple Vulnerabilities

Informations
Name	TA08-190A	First vendor Publication	2008-07-08
Vendor	US-CERT	Last vendor Modification	2008-07-08
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:C/A:C)
Cvss Base Score	9.4	Attack Range	Network
Cvss Impact Score	9.2	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft has released updates that address vulnerabilities in Microsoft Windows, Windows Server, Microsoft SQL Server, and Microsoft Outlook Web Access.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Server, Microsoft SQL Server, and Microsoft Outlook Web Access as part of the Microsoft Security Bulletin Summary for July 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the July 2008
Security Bulletin Summary. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA08-190A.html

CWE : Common Weakness Enumeration

%	Id	Name
25 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
25 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
12 %	CWE-331	Insufficient Entropy
12 %	CWE-200	Information Exposure
12 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
12 %	CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12117

Oval ID:	oval:org.mitre.oval:def:12117
Title:	HP-UX Running BIND, Remote DNS Cache Poisoning
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-1447	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.23 AND filesets tests InternetSrvcs.INETSVCS-INETD is installed AND InternetSrvcs.INETSVCS-RUN is installed AND InternetSrvcs.INETSVCS2-RUN is installed AND NOT Patch PHNE_37865 is installed OR Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.11 AND BINDv920.INETSVCS-BIND version is less than B.11.11.01.015 OR Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.23 AND filesets tests BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.7.0 AND BindUpgrade.BIND2-UPGRADE version is less than C.9.3.2.7.0 OR Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.11 AND InternetSrvcs.INETSVCS-RUN version is less than C.9.3.2.7.0 OR Criteria meets HP Security Bulletin HPSBUX02351 HP-UX B.11.31 AND filesets tests NameService.BIND-AUX version is less than C.9.3.2.7.0 AND NameService.BIND-RUN version is less than C.9.3.2.7.0

Definition Id: oval:org.mitre.oval:def:13785

Oval ID:	oval:org.mitre.oval:def:13785
Title:	Buffer Overrun Vulnerability in SQL Server
Description:	Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0106	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2005
Definition Synopsis:
SQL Server 2005 SP2 - GDR Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3042.0 AND Check if version of Sqlservr.exe is less than 2005.90.3068.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3068.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3042.0 OR SQL Server 2005 SP2 - QFE Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3150.0 AND Check if version of Sqlservr.exe is less than 2005.90.3233.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3233.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3150.0

Definition Id: oval:org.mitre.oval:def:13936

Oval ID:	oval:org.mitre.oval:def:13936
Title:	Memory Corruption Vulnerability in SQL Server
Description:	Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0107	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2000 Microsoft SQL Server 2005 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon)
Definition Synopsis:
SQL Server 2000 SP4 - GDR SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2050.0 OR SQL Server 2000 SP4- QFE SQL Server 2000 is installed AND SQL Server 2000 QFE - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2273.0 OR SQL Server 2005 SP2 - GDR Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3042.0 AND Check if version of Sqlservr.exe is less than 2005.90.3068.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3068.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3042.0 OR SQL Server 2005 SP2 - QFE Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3150.0 AND Check if version of Sqlservr.exe is less than 2005.90.3233.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3233.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3150.0

Definition Id: oval:org.mitre.oval:def:14052

Oval ID:	oval:org.mitre.oval:def:14052
Title:	Convert Buffer Overrun Vulnerability in SQL Server
Description:	Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0086	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2000 Microsoft SQL Server 2000 Desktop Engine (WMSDE)
Definition Synopsis:
SQL Server 2000 SP4 - GDR SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2050.0 OR SQL Server 2000 SP4- QFE SQL Server 2000 is installed AND SQL Server 2000 QFE - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2273.0

Definition Id: oval:org.mitre.oval:def:14213

Oval ID:	oval:org.mitre.oval:def:14213
Title:	Memory Page Reuse Vulnerability in SQL Server
Description:	SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0085	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2000 Microsoft SQL Server 2005 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon)
Definition Synopsis:
SQL Server 2000 SP4 - GDR SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2050.0 OR SQL Server 2000 SP4- QFE SQL Server 2000 is installed AND SQL Server 2000 QFE - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2273.0 OR SQL Server 2005 SP2 - GDR Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3042.0 AND Check if version of Sqlservr.exe is less than 2005.90.3068.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3068.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3042.0 OR SQL Server 2005 SP2 - QFE Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3150.0 AND Check if version of Sqlservr.exe is less than 2005.90.3233.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3233.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3150.0

Definition Id: oval:org.mitre.oval:def:17512

Oval ID:	oval:org.mitre.oval:def:17512
Title:	USN-627-1 -- dnsmasq vulnerability
Description:	Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq.
Family:	unix	Class:	patch
Reference(s):	USN-627-1 CVE-2008-1447	Version:	7
Platform(s):	Ubuntu 8.04	Product(s):	dnsmasq
Definition Synopsis:
Ubuntu 8.04 is installed AND dnsmasq-base DPKG is earlier than 2.41-2ubuntu2.1

Definition Id: oval:org.mitre.oval:def:17734

Oval ID:	oval:org.mitre.oval:def:17734
Title:	USN-622-1 -- bind9 vulnerability
Description:	Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.
Family:	unix	Class:	patch
Reference(s):	USN-622-1 CVE-2008-1447	Version:	5
Platform(s):	Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04	Product(s):	bind9
Definition Synopsis:
Release section Ubuntu 6.06 is installed AND libdns21 DPKG is earlier than 1:9.3.2-2ubuntu1.5 AND Release section Ubuntu 7.04 is installed AND libdns22 DPKG is earlier than 1:9.3.4-2ubuntu2.3 AND Release section Ubuntu 7.10 is installed AND libdns32 DPKG is earlier than 1:9.4.1-P1-3ubuntu2 AND Release section Ubuntu 8.04 is installed AND libdns35 DPKG is earlier than 1:9.4.2-10ubuntu0.1

Definition Id: oval:org.mitre.oval:def:18704

Oval ID:	oval:org.mitre.oval:def:18704
Title:	DSA-1623-1 dnsmasq - cache poisoning
Description:	Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
Family:	unix	Class:	patch
Reference(s):	DSA-1623-1 CVE-2008-1447	Version:	7
Platform(s):	Debian GNU/Linux 4.0	Product(s):	dnsmasq
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND dnsmasq DPKG is earlier than 2.35-1+etch4

Definition Id: oval:org.mitre.oval:def:18724

Oval ID:	oval:org.mitre.oval:def:18724
Title:	DSA-1617-1 refpolicy - incompatible policy
Description:	In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as <a href="http://security-tracker.debian.org/tracker/CVE-2008-1447">CVE-2008-1447</a>). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy.
Family:	unix	Class:	patch
Reference(s):	DSA-1617-1 CVE-2008-1447	Version:	7
Platform(s):	Debian GNU/Linux 4.0	Product(s):	refpolicy
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND refpolicy DPKG is earlier than 0.0.20061018-5.1+etch1

Definition Id: oval:org.mitre.oval:def:19900

Oval ID:	oval:org.mitre.oval:def:19900
Title:	DSA-1603-1 bind9 - cache poisoning
Description:	Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
Family:	unix	Class:	patch
Reference(s):	DSA-1603-1 CVE-2008-1447	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	bind9
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND bind9 DPKG is earlier than 1:9.3.4-2etch3

Definition Id: oval:org.mitre.oval:def:21970

Oval ID:	oval:org.mitre.oval:def:21970
Title:	ELSA-2008:0533: bind security update (Important)
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0533-02 CVE-2008-1447	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	bind selinux-policy-targeted selinux-policy
Definition Synopsis:
Oracle Linux 5.x rpm test selinux-policy-devel is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-mls is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-targeted is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-strict is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy is earlier than 0:2.4.6-137.1.el5_2 AND bind-libbind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-utils is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-chroot is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-sdb is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-libs is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND caching-nameserver is earlier than 30:9.3.4-6.0.2.P1.el5_2

Definition Id: oval:org.mitre.oval:def:22177

Oval ID:	oval:org.mitre.oval:def:22177
Title:	ELSA-2008:0789: dnsmasq security update (Moderate)
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0789-01 CVE-2008-1447	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	dnsmasq
Definition Synopsis:
Oracle Linux 5.x AND dnsmasq is earlier than 0:2.45-1.el5_2.1

Definition Id: oval:org.mitre.oval:def:28787

Oval ID:	oval:org.mitre.oval:def:28787
Title:	RHSA-2008:0533 -- bind security update (Important)
Description:	Updated bind packages that help mitigate DNS spoofing attacks are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. We have updated the Enterprise Linux 5 packages in this advisory. The default and sample caching-nameserver configuration files have been updated so that they do not specify a fixed query-source port. Administrators wishing to take advantage of randomized UDP source ports should check their configuration file to ensure they have not specified fixed query-source ports. ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols.
Family:	unix	Class:	patch
Reference(s):	RHSA-2008:0533 CESA-2008:0533-CentOS 5 CESA-2008:0533-CentOS 2 CESA-2008:0533-CentOS 3 CVE-2008-1447	Version:	3
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 2 CentOS Linux 3	Product(s):	bind selinux-policy-targeted selinux-policy
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section bind-chroot is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-libbind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND caching-nameserver is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND selinux-policy-devel is earlier than 0:2.4.6-137.1.el5_2 AND bind is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-libs is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-sdb is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-utils is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND selinux-policy is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-mls is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-strict is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-targeted is earlier than 0:2.4.6-137.1.el5_2 AND Red Hat Enterprise Linux 3 release section The operating system installed on the system is Red Hat Enterprise Linux 3 Packages match section bind is earlier than 30:9.2.4-22.el3 AND bind-chroot is earlier than 30:9.2.4-22.el3 AND bind-devel is earlier than 30:9.2.4-22.el3 AND bind-libs is earlier than 30:9.2.4-22.el3 AND bind-utils is earlier than 30:9.2.4-22.el3 AND Red Hat Enterprise Linux 4 release section The operating system installed on the system is Red Hat Enterprise Linux 4 Packages match section bind is earlier than 30:9.2.4-28.0.1.el4 AND bind-chroot is earlier than 30:9.2.4-28.0.1.el4 AND bind-devel is earlier than 30:9.2.4-28.0.1.el4 AND bind-libs is earlier than 30:9.2.4-28.0.1.el4 AND bind-utils is earlier than 30:9.2.4-28.0.1.el4 AND selinux-policy-targeted is earlier than 0:1.17.30-2.150.el4 AND selinux-policy-targeted-sources is earlier than 0:1.17.30-2.150.el4 AND CentOS Linux 5 release section The operating system installed on the system is CentOS Linux 5.x Packages match section bind is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND bind-chroot is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND bind-devel is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND bind-libbind-devel is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND bind-libs is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND bind-sdb is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND bind-utils is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND caching-nameserver is earlier than 30:9.3.4-6.0.1.P1.el5_2 AND selinux-policy is earlier than 0:2.4.6-137.1.el5 AND selinux-policy-devel is earlier than 0:2.4.6-137.1.el5 AND selinux-policy-mls is earlier than 0:2.4.6-137.1.el5 AND selinux-policy-strict is earlier than 0:2.4.6-137.1.el5 AND selinux-policy-targeted is earlier than 0:2.4.6-137.1.el5

Definition Id: oval:org.mitre.oval:def:29167

Oval ID:	oval:org.mitre.oval:def:29167
Title:	RHSA-2008:0789 -- dnsmasq security update (Moderate)
Description:	An updated dnsmasq package that implements UDP source-port randomization is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dnsmasq is lightweight DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. The dnsmasq DNS resolver used a fixed source UDP port. This could have made DNS spoofing attacks easier. dnsmasq has been updated to use random UDP source ports, helping to make DNS spoofing attacks harder. (CVE-2008-1447) All dnsmasq users are advised to upgrade to this updated package, that upgrades dnsmasq to version 2.45, which resolves this issue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2008:0789 CVE-2008-1447	Version:	3
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	dnsmasq
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 AND dnsmasq is earlier than 0:2.45-1.el5_2.1

Definition Id: oval:org.mitre.oval:def:5354

Oval ID:	oval:org.mitre.oval:def:5354
Title:	OWA For Exchange Server Data Validation XSS Vulnerability
Description:	Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-2247	Version:	1
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft Exchange Server
Definition Synopsis:
Microsoft Exchange Server 2003 Service Pack 2 is installed AND owaauth.dll is less than 6.5.7653.38

Definition Id: oval:org.mitre.oval:def:5380

Oval ID:	oval:org.mitre.oval:def:5380
Title:	DNS Cache Poisoning Vulnerability
Description:	Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-1454	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):
Definition Synopsis:
Win 2K SP4 and vulnerable version of file Microsoft Windows 2000 SP4 or later is installed AND Dns.exe version is less than 5.0.2195.7162 OR Win 2k3 SP1 and vulnerable version of server file Win 2K3 SP1 (X86/ X64/IA64) Microsoft Windows Server 2003 SP1 (x86) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 SP1 for Itanium is installed AND dns.exe version is less than 5.2.3790.3161 OR Win 2k3 SP2 and vulnerable version of server file Win 2K3 SP2 (X86/ X64/IA64) Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND dns.exe version is less than 5.2.3790.4318 OR Win 2k8 and vulnerable version of server file Win 2K8 32/64 bit Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Check for LDR / GDR Check if the version of dns.exe is less than 6.0.6001.18081 OR Check for LDR Check if the version of dns.exe is greater than or equal to 6.0.6001.22000 AND dns.exe version is less than 6.0.6001.22192

Definition Id: oval:org.mitre.oval:def:5600

Oval ID:	oval:org.mitre.oval:def:5600
Title:	Windows Saved Search Vulnerability
Description:	Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-1435	Version:	3
Platform(s):	Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):
Definition Synopsis:
Vulnerable Windows Vista (32-bit)/(x64) Windows Vista (32-bit)/(x64) Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Check for LDR/GDR shell32.dll version is less than 6.0.6000.16680 OR Check for LDR Check if version of Shell32.dll is greater than or equal to 6.0.6000.20000 AND Check if version of Shell32.dll is less than 6.0.6000.20822 OR Vulnerable Windows Vista SP1 (32-bit)/(x64)/Server 2008 (x86)/(x64)/(ia-64) Windows Vista SP1 (32-bit)/(x64)/Server 2008 (x86)/(x64)/(ia-64) Microsoft Windows Vista (32-bit) Service Pack 1 is installed AND Microsoft Windows Vista x64 Edition Service Pack 1 is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Check for LDR/GDR shell32.dll version is less than 6.0.6001.18062 OR Check for LDR Check if version of Shell32.dll is greater than or equal to 6.0.6001.22000 AND Check if version of Shell32.dll is less than 6.0.6001.22166

Definition Id: oval:org.mitre.oval:def:5695

Oval ID:	oval:org.mitre.oval:def:5695
Title:	OWA For Exchange Server Parsing XSS Vulnerability
Description:	Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-2248	Version:	1
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft Exchange Server
Definition Synopsis:
IF Microsoft Exchange Server 2007 (no Service Pack) is installed AND cdoex.dll is less than 8.0.813.0 OR Microsoft Exchange Server 2007 SP1 is installed AND cdoex.dll is less than 8.1.291.1

Definition Id: oval:org.mitre.oval:def:5725

Oval ID:	oval:org.mitre.oval:def:5725
Title:	DNS Insufficient Socket Entropy Vulnerability
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-1447	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):
Definition Synopsis:
Win 2K SP4 and vulnerable version of file Microsoft Windows 2000 SP4 or later is installed AND Check for vulnerable version of server or client file dnsapi.dll version is less than 5.0.2195.7280 AND Dns.exe version is less than 5.0.2195.7162 OR Win XP SP2 X86 and vulnerable version of client file Microsoft Windows XP (x86) SP2 is installed AND dnsapi.dll version is less than 5.1.2600.3394 OR Win XP SP3 X86 and vulnerable version of client file Microsoft Windows XP (x86) SP3 is installed AND dnsapi.dll version is less than 5.1.2600.5625 OR Win XP X64 SP1 and vulnerable version of client file Microsoft Windows XP Professional x64 Edition SP1 is installed AND dnsapi.dll version is less than 5.2.3790.3161 OR Win XP X64 and vulnerable version of client file Microsoft Windows XP x64 Edition SP2 is installed AND dnsapi.dll version is less than 5.2.3790.4318 OR Win 2k3 SP1 and vulnerable version of client or server file Win 2K3 SP1 (X86/ X64/IA64) Microsoft Windows Server 2003 SP1 (x86) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 SP1 for Itanium is installed AND Check for vulnerable version of client or server file dnsapi.dll version is less than 5.2.3790.3161 AND dns.exe version is less than 5.2.3790.3161 OR Win 2k3 SP2 and vulnerable version of client or server file Win 2K3 SP2 (X86/ X64/IA64) Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Check for vulnerable version of client or server file dnsapi.dll version is less than 5.2.3790.4318 AND dns.exe version is less than 5.2.3790.4318

Definition Id: oval:org.mitre.oval:def:5761

Oval ID:	oval:org.mitre.oval:def:5761
Title:	HP-UX Running BIND, Remote DNS Cache Poisoning
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-1447	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.11 AND BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.3.0 OR Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.23 AND filesets tests InternetSrvcs.INETSVCS-INETD is installed AND InternetSrvcs.INETSVCS-RUN is installed AND InternetSrvcs.INETSVCS2-RUN is installed AND NOT Patch PHNE_37865 is installed OR Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.23 AND filesets tests BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.3.0 AND BindUpgrade.BIND2-UPGRADE version is less than C.9.3.2.3.0 OR Criteria meets HP Security Bulletin HPSBUX02351 HP Release B.11.11 AND BINDv920.INETSVCS-BIND version is less than B.11.11.01.011 OR Criteria meets HP Security Bulletin HPSBUX02351 HP-UX B.11.31 AND filesets tests NameService.BIND-AUX version is less than C.9.3.2.3.0 AND NameService.BIND-RUN version is less than C.9.3.2.3.0

Definition Id: oval:org.mitre.oval:def:5917

Oval ID:	oval:org.mitre.oval:def:5917
Title:	Security Vulnerability in the DNS Protocol May Lead to DNS Cache Poisoning
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-1447	Version:	1
Platform(s):	Sun Solaris 8 Sun Solaris 9 Sun Solaris 10	Product(s):
Definition Synopsis:
Software Section Solaris 8 (SPARC) meets Sun Alert 239392 Solaris 8 (SPARC) is installed AND NOT Patch 109326-23 or later installed OR Solaris 9 (SPARC) meets Sun Alert 239392 Solaris 9 (SPARC) is installed AND NOT Patch 112837-15 or later installed OR Solaris 10 (SPARC) meets Sun Alert 239392 Solaris 10 (SPARC) is installed AND NOT Patch 119783-06 or later installed OR Solaris 8 (x86) meets Sun Alert 239392 Solaris 8 (x86) is installed AND NOT Patch 109327-23 or later installed OR Solaris 9 (x86) meets Sun Alert 239392 Solaris 9 (x86) is installed AND NOT Patch 114265-14 or later installed OR Solaris 10 (x86) meets Sun Alert 239392 Solaris 10 (x86) is installed AND NOT Patch 119784-06 or later installed AND in.named running

Definition Id: oval:org.mitre.oval:def:7531

Oval ID:	oval:org.mitre.oval:def:7531
Title:	DSA-1623 dnsmasq -- DNS cache poisoning
Description:	Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's dnsmasq packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult. This update also switches the random number generator to Dan Bernstein's SURF.
Family:	unix	Class:	patch
Reference(s):	DSA-1623 CVE-2008-1447	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	dnsmasq
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is ia64 AND Installed architecture is mips AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND dnsmasq is earlier than 2.35-1+etch4

Definition Id: oval:org.mitre.oval:def:7660

Oval ID:	oval:org.mitre.oval:def:7660
Title:	DSA-1617 refpolicy -- incompatible policy
Description:	In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard "domain" port (53). The incompatibility affects both the "targeted" and "strict" policy packages supplied by this version of refpolicy. This update to the refpolicy packages grants the ability to bind to arbitrary UDP ports to named_t processes. When installed, the updated packages will attempt to update the bind policy module on systems where it had been previously loaded and where the previous version of refpolicy was 0.0.20061018-5 or below. Because the Debian refpolicy packages are not yet designed with policy module upgradeability in mind, and because SELinux-enabled Debian systems often have some degree of site-specific policy customization, it is difficult to assure that the new bind policy can be successfully upgraded. To this end, the package upgrade will not abort if the bind policy update fails. The new policy module can be found at /usr/share/selinux/refpolicy-targeted/bind.pp after installation. Administrators wishing to use the bind service policy can reconcile any policy incompatibilities and install the upgrade manually thereafter. A more detailed discussion of the corrective procedure may be found on http://wiki.debian.org/SELinux/Issues/BindPortRandomization. For the stable distribution (etch), this problem has been fixed in version 0.0.20061018-5.1+etch1. The unstable distribution (sid) is not affected, as subsequent refpolicy releases have incorporated an analogous change. We recommend that you upgrade your refpolicy packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1617 CVE-2008-1447	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	refpolicy
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND Installed architecture is all Packages section selinux-policy-refpolicy-src is earlier than 0.0.20061018-5.1+etch1 AND selinux-policy-refpolicy-doc is earlier than 0.0.20061018-5.1+etch1 AND selinux-policy-refpolicy-strict is earlier than 0.0.20061018-5.1+etch1 AND selinux-policy-refpolicy-targeted is earlier than 0.0.20061018-5.1+etch1 AND selinux-policy-refpolicy-dev is earlier than 0.0.20061018-5.1+etch1

Definition Id: oval:org.mitre.oval:def:8092

Oval ID:	oval:org.mitre.oval:def:8092
Title:	DSA-1603 bind9 -- DNS cache poisoning
Description:	Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's BIND 9 packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult. Note that this security update changes BIND network behavior in a fundamental way, and the following steps are recommended to ensure a smooth upgrade. 1. Make sure that your network configuration is compatible with source port randomization. If you guard your resolver with a stateless packet filter, you may need to make sure that no non-DNS services listen on the 1024--65535 UDP port range and open it at the packet filter. For instance, packet filters based on etch's Linux 2.6.18 kernel only support stateless filtering of IPv6 packets, and therefore pose this additional difficulty. (If you use IPv4 with iptables and ESTABLISHED rules, networking changes are likely not required.) 2. Install the BIND 9 upgrade, using "apt-get update" followed by "apt-get install bind9". Verify that the named process has been restarted and answers recursive queries. (If all queries result in timeouts, this indicates that networking changes are necessary; see the first step.) 3. Verify that source port randomization is active. Check that the /var/log/daemon.log file does not contain messages of the following form right after the "listening on IPv6 interface" and "listening on IPv4 interface" messages logged by BIND upon startup. If these messages are present, you should remove the indicated lines from the configuration, or replace the port numbers contained within them with "" sign (e.g., replace "port 53" with "port "). For additional certainty, use tcpdump or some other network monitoring tool to check for varying UDP source ports. If there is a NAT device in front of your resolver, make sure that it does not defeat the effect of source port randomization. 4. If you cannot activate source port randomization, consider configuring BIND 9 to forward queries to a resolver which can, possibly over a VPN such as OpenVPN to create the necessary trusted network link. (Use BIND's forward-only mode in this case.) Other caching resolvers distributed by Debian (PowerDNS, MaraDNS, Unbound) already employ source port randomization, and no updated packages are needed. BIND 9.5 up to and including version 1:9.5.0.dfsg-4 only implements a weak form of source port randomization and needs to be updated as well. For information on BIND 8, see DSA-1604-1, and for the status of the libc stub resolver, see DSA-1605-1. The updated bind9 packages contain changes originally scheduled for the next stable point release, including the changed IP address of L.ROOT-SERVERS.NET (Debian bug #449148).
Family:	unix	Class:	patch
Reference(s):	DSA-1603 CVE-2008-1447	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	bind9
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND bind9-doc is earlier than 1:9.3.4-2etch3 AND dnsutils is earlier than 1:9.3.4-2etch3 AND libbind-dev is earlier than 1:9.3.4-2etch3 AND libdns22 is earlier than 1:9.3.4-2etch3 AND libisccfg1 is earlier than 1:9.3.4-2etch3 AND libisccc0 is earlier than 1:9.3.4-2etch3 AND libisc11 is earlier than 1:9.3.4-2etch3 AND libbind9-0 is earlier than 1:9.3.4-2etch3 AND bind9-host is earlier than 1:9.3.4-2etch3 AND bind9 is earlier than 1:9.3.4-2etch3 AND liblwres9 is earlier than 1:9.3.4-2etch3 AND lwresd is earlier than 1:9.3.4-2etch3

Definition Id: oval:org.mitre.oval:def:9627

Oval ID:	oval:org.mitre.oval:def:9627
Title:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Description:	The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-1447	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section bind-utils is earlier than 20:9.2.4-22.el3 AND bind-devel is earlier than 20:9.2.4-22.el3 AND bind-chroot is earlier than 20:9.2.4-22.el3 AND bind is earlier than 20:9.2.4-22.el3 AND bind-libs is earlier than 20:9.2.4-22.el3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section bind-utils is earlier than 20:9.2.4-28.0.1.el4 AND bind-devel is earlier than 20:9.2.4-28.0.1.el4 AND bind-chroot is earlier than 20:9.2.4-28.0.1.el4 AND selinux-policy-targeted is earlier than 0:1.17.30-2.150.el4 AND selinux-policy-targeted-sources is earlier than 0:1.17.30-2.150.el4 AND bind is earlier than 20:9.2.4-28.0.1.el4 AND bind-libs is earlier than 20:9.2.4-28.0.1.el4 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section bind-libbind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-chroot is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND selinux-policy-targeted is earlier than 0:2.4.6-137.1.el5_2 AND dnsmasq is earlier than 0:2.45-1.el5_2.1 AND bind-sdb is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND bind-utils is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND selinux-policy-devel is earlier than 0:2.4.6-137.1.el5_2 AND caching-nameserver is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND selinux-policy is earlier than 0:2.4.6-137.1.el5_2 AND bind-libs is earlier than 30:9.3.4-6.0.2.P1.el5_2 AND selinux-policy-strict is earlier than 0:2.4.6-137.1.el5_2 AND selinux-policy-mls is earlier than 0:2.4.6-137.1.el5_2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Isc Bind cpe:2.3:a:isc:bind:9.2.9::::-::: cpe:2.3:a:isc:bind:8::::-::: cpe:2.3:a:isc:bind:4::::-:::	3
Application	Microsoft Data Engine cpe:2.3:a:microsoft:data_engine:1.0:sp4::::::	1
Application	Microsoft Exchange Server cpe:2.3:a:microsoft:exchange_server:2007:sp1:::::: cpe:2.3:a:microsoft:exchange_server:2007:-:::::: cpe:2.3:a:microsoft:exchange_server:2003:sp2::::::	3
Application	Microsoft Outlook Web Access cpe:2.3:a:microsoft:outlook_web_access::::::::	1
Application	Microsoft Sql Server cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:::::* cpe:2.3:a:microsoft:sql_server:2005:sp1:::::: cpe:2.3:a:microsoft:sql_server:2005:sp2:::::: cpe:2.3:a:microsoft:sql_server:2005:sp1:x64:::::* cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:::::* cpe:2.3:a:microsoft:sql_server:2005:sp1:itanium:::::* cpe:2.3:a:microsoft:sql_server:2005:sp1:::::x64:* cpe:2.3:a:microsoft:sql_server:2005:sp1:express:::::* cpe:2.3:a:microsoft:sql_server:2005:sp2:::::x64:* cpe:2.3:a:microsoft:sql_server:2005:sp2:::::itanium:* cpe:2.3:a:microsoft:sql_server:2005:sp2:express:::::* cpe:2.3:a:microsoft:sql_server:2005:sp1:::::itanium:* cpe:2.3:a:microsoft:sql_server:2000:sp4:::::itanium:* cpe:2.3:a:microsoft:sql_server:2000:sp4:itanium:::::* cpe:2.3:a:microsoft:sql_server:2000:sp4:::::: cpe:2.3:a:microsoft:sql_server:7.0:sp4::::::	16
Application	Microsoft Sql Server Desktop Engine cpe:2.3:a:microsoft:sql_server_desktop_engine:2000:sp4::::::	1
Application	Microsoft Sql Server Express Edition cpe:2.3:a:microsoft:sql_server_express_edition:2005:sp2::::::	1
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000::sp4::::::*	1
Os	Microsoft Windows Server 2003 cpe:2.3:o:microsoft:windows_server_2003::sp1:x64::::: cpe:2.3:o:microsoft:windows_server_2003::sp1::::::* cpe:2.3:o:microsoft:windows_server_2003::sp1:itanium::::: cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*	4
Os	Microsoft Windows Server 2008 cpe:2.3:o:microsoft:windows_server_2008:::x32:::::* cpe:2.3:o:microsoft:windows_server_2008:::x64:::::*	2
Os	Microsoft Windows Vista cpe:2.3:o:microsoft:windows_vista::::::::	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp2::::::*	1
Os	Microsoft Windows-Nt cpe:2.3:o:microsoft:windows-nt:2008:::::::*	1

ExploitDB Exploits

id	Description
2008-07-25	BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
2008-07-24	BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
2008-07-23	BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)

OpenVAS Exploits

Date	Description
2012-10-03	Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl
2012-03-16	Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl
2010-05-12	Name : Mac OS X 10.5.5 Update / Security Update 2008-006 File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2010-05-12	Name : Mac OS X Security Update 2008-005 File : nvt/macosx_secupd_2008-005.nasl
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-10-13	Name : SLES10: Security update for bind File : nvt/sles10_bind0.nasl
2009-10-10	Name : SLES9: Security update for bind File : nvt/sles9p5030189.nasl
2009-05-05	Name : HP-UX Update for BIND HPSBUX02351 File : nvt/gb_hp_ux_HPSBUX02351.nasl
2009-04-09	Name : Mandriva Update for bind MDVSA-2008:139 (bind) File : nvt/gb_mandriva_MDVSA_2008_139.nasl
2009-03-23	Name : Ubuntu Update for ruby1.8 vulnerabilities USN-651-1 File : nvt/gb_ubuntu_USN_651_1.nasl
2009-03-23	Name : Ubuntu Update for dnsmasq vulnerability USN-627-1 File : nvt/gb_ubuntu_USN_627_1.nasl
2009-03-23	Name : Ubuntu Update for bind9 vulnerability USN-622-1 File : nvt/gb_ubuntu_USN_622_1.nasl
2009-03-06	Name : RedHat Update for dnsmasq RHSA-2008:0789-01 File : nvt/gb_RHSA-2008_0789-01_dnsmasq.nasl
2009-03-06	Name : RedHat Update for bind RHSA-2008:0533-01 File : nvt/gb_RHSA-2008_0533-01_bind.nasl
2009-02-27	Name : CentOS Update for bind CESA-2008:0533-03 centos2 i386 File : nvt/gb_CESA-2008_0533-03_bind_centos2_i386.nasl
2009-02-27	Name : CentOS Update for bind CESA-2008:0533 centos4 x86_64 File : nvt/gb_CESA-2008_0533_bind_centos4_x86_64.nasl
2009-02-27	Name : CentOS Update for bind CESA-2008:0533 centos4 i386 File : nvt/gb_CESA-2008_0533_bind_centos4_i386.nasl
2009-02-27	Name : CentOS Update for bind CESA-2008:0533 centos3 x86_64 File : nvt/gb_CESA-2008_0533_bind_centos3_x86_64.nasl
2009-02-27	Name : CentOS Update for bind CESA-2008:0533 centos3 i386 File : nvt/gb_CESA-2008_0533_bind_centos3_i386.nasl
2009-02-18	Name : Fedora Core 9 FEDORA-2009-1069 (dnsmasq) File : nvt/fcore_2009_1069.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-8736 File : nvt/gb_fedora_2008_8736_ruby_fc8.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-8738 File : nvt/gb_fedora_2008_8738_ruby_fc9.nasl
2009-02-17	Name : Fedora Update for bind FEDORA-2008-6281 File : nvt/gb_fedora_2008_6281_bind_fc8.nasl
2009-02-17	Name : Fedora Update for bind FEDORA-2008-6256 File : nvt/gb_fedora_2008_6256_bind_fc9.nasl
2009-01-23	Name : SuSE Update for bind SUSE-SA:2008:033 File : nvt/gb_suse_2008_033.nasl
2009-01-23	Name : SuSE Update for openwsman SUSE-SA:2008:041 File : nvt/gb_suse_2008_041.nasl
2009-01-20	Name : Fedora Core 9 FEDORA-2009-0350 (bind) File : nvt/fcore_2009_0350.nasl
2009-01-13	Name : Gentoo Security Advisory GLSA 200901-03 (pdnsd) File : nvt/glsa_200901_03.nasl
2008-12-23	Name : Gentoo Security Advisory GLSA 200812-17 (ruby) File : nvt/glsa_200812_17.nasl
2008-10-14	Name : MS SQL Server Elevation of Privilege Vulnerabilities (941203) File : nvt/gb_ms08-040.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200809-02 (dnsmasq) File : nvt/glsa_200809_02.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200807-08 (bind) File : nvt/glsa_200807_08.nasl
2008-09-04	Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma File : nvt/freebsd_ruby9.nasl
2008-09-04	Name : FreeBSD Security Advisory (FreeBSD-SA-08:06.bind.asc) File : nvt/freebsdsa_bind5.nasl
2008-08-22	Name : Vulnerabilities in DNS Could Allow Spoofing (953230) File : nvt/secpod_ms08-037_900005.nasl
2008-08-22	Name : Outlook Web Access for Exchange Server Elevation of Privilege (953747) File : nvt/secpod_ms08-039_900007.nasl
2008-08-15	Name : Debian Security Advisory DSA 1623-1 (dnsmasq) File : nvt/deb_1623_1.nasl
2008-08-15	Name : Debian Security Advisory DSA 1619-1 (python-dns) File : nvt/deb_1619_1.nasl
2008-08-15	Name : Debian Security Advisory DSA 1617-1 (refpolicy) File : nvt/deb_1617_1.nasl
2008-07-15	Name : Debian Security Advisory DSA 1603-1 (bind9) File : nvt/deb_1603_1.nasl
0000-00-00	Name : Slackware Advisory SSA:2008-334-01 ruby File : nvt/esoft_slk_ssa_2008_334_01.nasl
0000-00-00	Name : Slackware Advisory SSA:2008-205-01 dnsmasq File : nvt/esoft_slk_ssa_2008_205_01.nasl
0000-00-00	Name : Slackware Advisory SSA:2008-191-02 bind File : nvt/esoft_slk_ssa_2008_191_02.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
53917	HP Multiple Products DNS Query ID Field Prediction Cache Poisoning
53530	Check Point DNS Query ID Field Prediction Cache Poisoning
48256	Ingate Firewall/SIParator DNS Query ID Field Prediction Cache Poisoning
48244	pdnsd DNS Query ID Field Prediction Cache Poisoning
48186	Apple Mac OS X DNS Query ID Field Prediction Cache Poisoning
47927	Nortel Business Communications Manager DNS Query ID Field Prediction Cache Po...
47926	Astaro Security Gateway DNS Query ID Field Prediction Cache Poisoning
47916	Citrix Access Gateway DNS Query ID Field Prediction Cache Poisoning
47660	VitalQIP DNS Query ID Field Prediction Cache Poisoning
47588	Yamaha RT Series Routers DNS Query ID Field Prediction Cache Poisoning
47546	Astaro Security Gateway DNS Proxy DNS Query ID Field Prediction Cache Poisoning
47510	Dnsmasq DNS Query ID Field Prediction Cache Poisoning
47233	Secure Computing Sidewinder / CyberGuard DNS Query ID Field Prediction Cache ...
47232	F5 Multiple Product DNS Query ID Field Prediction Cache Poisoning
46916	Juniper Networks Multiple Products DNS Query ID Field Prediction Cache Poisoning
46837	Solaris named(1M) DNS Query ID Field Prediction Cache Poisoning Solaris contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
46836	Nominum CNS / Vantio DNS Query ID Field Prediction Cache Poisoning
46786	Cisco Multiple Products DNS Query ID Field Prediction Cache Poisoning Multiple Cisco products contain a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
46780	Microsoft Outlook Web Access (OWA) HTML Parsing Unspecified XSS
46779	Microsoft Outlook Web Access (OWA) Data Validation Unspecified XSS Microsoft OWA contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate email fields from withing a users session. This could allow an attacker the ability to execute malicious script in the security context of the victims OWA session via a specially crafted email, and read, send, and delete emails as the logged-on user leading to a loss of integrity.
46778	Microsoft Windows DNS Query ID Field Prediction Cache Poisoning Microsoft Windows contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
46777	Microsoft Windows DNS Socket Entropy Weakness Cache Poisoning Windows contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
46776	ISC BIND DNS Query ID Field Prediction Cache Poisoning BIND contains a flaw that may allow a malicious user to insert invalid records into a recursive DNS server cache. The issue is triggered by a flaw in the DNS protocol, which does not require sufficient randomness in selecting Query ID and UDP source port for queries to authoritative servers. It is possible that the flaw may allow an attacker to spoof a DNS response to a legitimate query resulting in a loss of integrity.
46774	Microsoft Windows Explorer Saved Search File Handling DoS
46773	Microsoft SQL Server Memory Page Reuse Information Disclosure
46772	Microsoft SQL Server Convert Function Overflow
46771	Microsoft SQL Server Stored Backup File Processing Memory Corruption Arbitrar...
46770	Microsoft SQL Server Crafted Insert Statement Overflow

Information Assurance Vulnerability Management (IAVM)

Date	Description
2011-05-12	IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158
2008-07-17	IAVM : 2008-A-0045 - DNS Protocol Cache Poisoning Vulnerability Severity : Category I - VMSKEY : V0016170
2008-07-10	IAVM : 2008-T-0033 - Multiple Vulnerabilities in Microsoft Outlook Web Access Severity : Category II - VMSKEY : V0016150

Snort® IPS/IDS

Date	Description
2014-01-10	MSSQL CONVERT function unicode buffer overflow attempt RuleID : 21085 - Revision : 3 - Type : SERVER-MSSQL
2014-01-10	MSSQL CONVERT function buffer overflow attempt RuleID : 21084 - Revision : 3 - Type : SERVER-MSSQL
2014-01-10	Microsoft SQL Server INSERT Statement Buffer Overflow attempt RuleID : 17307 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10	Microsoft Windows DNS server spoofing attempt RuleID : 16206 - Revision : 12 - Type : OS-WINDOWS
2014-01-10	Suspicious ansi_padding option RuleID : 16075 - Revision : 7 - Type : SQL
2014-01-10	Suspicious ansi_padding option RuleID : 16074 - Revision : 4 - Type : SQL
2014-01-10	MS-SQL convert function unicode overflow RuleID : 16073 - Revision : 8 - Type : OS-WINDOWS
2014-01-10	excessive outbound NXDOMAIN replies - possible spoof of domain run by local D... RuleID : 13949 - Revision : 17 - Type : PROTOCOL-DNS
2014-01-10	large number of NXDOMAIN replies - possible DNS cache poisoning RuleID : 13948 - Revision : 13 - Type : PROTOCOL-DNS
2014-01-10	Microsoft SQL server MTF file download RuleID : 13896 - Revision : 14 - Type : SERVER-MSSQL
2014-01-10	Microsoft Office Outlook Web Access invalid CSS escape sequence script execut... RuleID : 13895 - Revision : 16 - Type : SERVER-MAIL
2014-01-10	Microsoft Office Outlook Web Access From field cross-site scripting attempt RuleID : 13894 - Revision : 19 - Type : SERVER-MAIL
2014-01-10	Microsoft malformed saved search heap corruption attempt RuleID : 13893 - Revision : 17 - Type : FILE-OTHER
2014-01-10	Convert function style overwrite RuleID : 13892 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10	Memory page overwrite attempt RuleID : 13891 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10	Microsoft SQL Server Backup Database File integer overflow attempt RuleID : 13890 - Revision : 13 - Type : FILE-OTHER
2014-01-10	Microsoft SQL Server Backup Database File integer overflow attempt RuleID : 13889 - Revision : 13 - Type : FILE-OTHER
2014-01-10	Microsoft SQL Server Backup Database File integer overflow attempt RuleID : 13888 - Revision : 13 - Type : FILE-OTHER
2014-01-10	dns root nameserver poisoning attempt RuleID : 13887 - Revision : 12 - Type : PROTOCOL-DNS
2014-01-10	dns cache poisoning attempt RuleID : 13667 - Revision : 19 - Type : PROTOCOL-DNS

Nessus® Vulnerability Scanner

Date	Description
2017-04-21	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0022.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8938.nasl - Type : ACT_GATHER_INFO
2014-03-05	Name : The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File : ms_dns_kb951746.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0789.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0533.nasl - Type : ACT_GATHER_INFO
2012-10-01	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-25.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing a security update. File : sl_20080811_dnsmasq_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080711_bind_on_SL_3_0_x.nasl - Type : ACT_GATHER_INFO
2011-05-28	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-191-02.nasl - Type : ACT_GATHER_INFO
2011-02-14	Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2010-09-01	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080708-dnshttp.nasl - Type : ACT_GATHER_INFO
2010-09-01	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080924-iosipshttp.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12197.nasl - Type : ACT_GATHER_INFO
2009-07-27	Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2008-0014.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_bind-080708.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_dnsmasq-080813.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-651-1.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-139.nasl - Type : ACT_GATHER_INFO
2009-02-17	Name : The remote Fedora host is missing a security update. File : fedora_2009-1069.nasl - Type : ACT_GATHER_INFO
2009-01-12	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200901-03.nasl - Type : ACT_GATHER_INFO
2008-12-17	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-17.nasl - Type : ACT_GATHER_INFO
2008-12-01	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-334-01.nasl - Type : ACT_GATHER_INFO
2008-10-10	Name : The remote Fedora host is missing a security update. File : fedora_2008-8738.nasl - Type : ACT_GATHER_INFO
2008-09-29	Name : The remote SQL server is affected by multiple vulnerabilities. File : smb_kb941203.nasl - Type : ACT_GATHER_INFO
2008-09-16	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO
2008-09-16	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO
2008-09-05	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-02.nasl - Type : ACT_GATHER_INFO
2008-08-17	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_959d384d6b5911dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO
2008-08-15	Name : The remote openSUSE host is missing a security update. File : suse_dnsmasq-5512.nasl - Type : ACT_GATHER_INFO
2008-08-12	Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_37865.nasl - Type : ACT_GATHER_INFO
2008-08-12	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0789.nasl - Type : ACT_GATHER_INFO
2008-08-01	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1623.nasl - Type : ACT_GATHER_INFO
2008-08-01	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO
2008-07-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1617.nasl - Type : ACT_GATHER_INFO
2008-07-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1619.nasl - Type : ACT_GATHER_INFO
2008-07-24	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-205-01.nasl - Type : ACT_GATHER_INFO
2008-07-23	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-627-1.nasl - Type : ACT_GATHER_INFO
2008-07-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-08.nasl - Type : ACT_GATHER_INFO
2008-07-15	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_bind-5409.nasl - Type : ACT_GATHER_INFO
2008-07-15	Name : The remote openSUSE host is missing a security update. File : suse_bind-5410.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-622-1.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0533.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1603.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Fedora host is missing a security update. File : fedora_2008-6256.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Fedora host is missing a security update. File : fedora_2008-6281.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0533.nasl - Type : ACT_GATHER_INFO
2008-07-09	Name : The remote name resolver (or the server it uses upstream) is affected by a DN... File : dns_non_random_source_ports.nasl - Type : ACT_GATHER_INFO
2008-07-08	Name : The remote host is vulnerable to DNS spoofing attacks. File : smb_nt_ms08-037.nasl - Type : ACT_GATHER_INFO
2008-07-08	Name : Vulnerabilities in the Windows Shell may allow an attacker to execute privile... File : smb_nt_ms08-038.nasl - Type : ACT_GATHER_INFO
2008-07-08	Name : The remote web server is vulnerable to cross-site scripting issues. File : smb_nt_ms08-039.nasl - Type : ACT_GATHER_INFO
2008-07-08	Name : The remote Microsoft SQL Server install is vulnerable to memory corruption fl... File : smb_nt_ms08-040.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 114265-23 File : solaris9_x86_114265.nasl - Type : ACT_GATHER_INFO
2007-09-25	Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_36973.nasl - Type : ACT_GATHER_INFO
2007-09-25	Name : The remote host is missing Sun Security Patch number 112837-24 File : solaris9_112837.nasl - Type : ACT_GATHER_INFO
2004-07-12	Name : The remote host is missing Sun Security Patch number 109326-24 File : solaris8_109326.nasl - Type : ACT_GATHER_INFO
2004-07-12	Name : The remote host is missing Sun Security Patch number 109327-24 File : solaris8_x86_109327.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	8
Oval ID(s)	25
CPE ID(s)	36
osvdb(s)	28
ExploitDB Exploit(s)	3
Openvas Exploit(s)	43
IAVM(s)	3
Snort® Rule(s)	20
Nessus® Exploit(s)	58

	Related
9.4	CVE-2008-1454
9.3	CVE-2008-1435
9	CVE-2008-0107
9	CVE-2008-0106
9	CVE-2008-0086
6.8	CVE-2008-1447
5	CVE-2008-0085
4.3	CVE-2008-2248
4.3	CVE-2008-2247
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)