Executive Summary
Summary | |
---|---|
Title | Bind vulnerability |
Informations | |||
---|---|---|---|
Name | USN-808-1 | First vendor Publication | 2009-07-29 |
Vendor | Ubuntu | Last vendor Modification | 2009-07-29 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 8.04 LTS: Ubuntu 8.10: Ubuntu 9.04: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service. |
Original Source
Url : http://www.ubuntu.com/usn/USN-808-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10414 | |||
Oval ID: | oval:org.mitre.oval:def:10414 | ||
Title: | The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. | ||
Description: | The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0696 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12245 | |||
Oval ID: | oval:org.mitre.oval:def:12245 | ||
Title: | HP-UX Running BIND, Remote Denial of Service (DoS) | ||
Description: | The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0696 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13755 | |||
Oval ID: | oval:org.mitre.oval:def:13755 | ||
Title: | DSA-1847-1 bind9 -- improper assert | ||
Description: | It was discovered that the BIND DNS server terminates when processing a specially crafted dynamic DNS update. This vulnerability affects all BIND servers which serve at least one DNS zone authoritatively, as a master, even if dynamic updates are not enabled. The default Debian configuration for resolvers includes several authoritative zones, too, so resolvers are also affected by this issue unless these zones have been removed. For the old stable distribution, this problem has been fixed in version 9.3.4-2etch5. For the stable distribution, this problem has been fixed in version 9.5.1.dfsg.P3-1. For the unstable distribution, this problem has been fixed in version 1:9.6.1.dfsg.P1-1. We recommend that you upgrade your bind9 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1847-1 CVE-2009-0696 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | bind9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22864 | |||
Oval ID: | oval:org.mitre.oval:def:22864 | ||
Title: | ELSA-2009:1179: bind security update (Important) | ||
Description: | The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1179-02 CVE-2009-0696 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | bind |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7806 | |||
Oval ID: | oval:org.mitre.oval:def:7806 | ||
Title: | VMware BIND vulnerability | ||
Description: | The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0696 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for bind CESA-2009:1181 centos3 i386 File : nvt/gb_CESA-2009_1181_bind_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2009:1180 centos4 i386 File : nvt/gb_CESA-2009_1180_bind_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for bind CESA-2009:1179 centos5 i386 File : nvt/gb_CESA-2009_1179_bind_centos5_i386.nasl |
2010-05-12 | Name : Mac OS X Security Update 2009-004 File : nvt/macosx_secupd_2009-004.nasl |
2010-03-02 | Name : Fedora Update for bind FEDORA-2010-0861 File : nvt/gb_fedora_2010_0861_bind_fc11.nasl |
2009-12-03 | Name : Fedora Core 11 FEDORA-2009-12218 (bind) File : nvt/fcore_2009_12218.nasl |
2009-10-13 | Name : SLES10: Security update for bind File : nvt/sles10_bind1.nasl |
2009-10-13 | Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-20 File : nvt/gb_solaris_112837_20.nasl |
2009-10-13 | Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-19 File : nvt/gb_solaris_114265_19.nasl |
2009-10-13 | Name : Solaris Update for bind 119783-13 File : nvt/gb_solaris_119783_13.nasl |
2009-10-13 | Name : Solaris Update for bind 119784-13 File : nvt/gb_solaris_119784_13.nasl |
2009-10-11 | Name : SLES11: Security update for bind File : nvt/sles11_bind.nasl |
2009-10-10 | Name : SLES9: Security update for bind File : nvt/sles9p5054699.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1181 (bind) File : nvt/ovcesa2009_1181.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1180 (bind) File : nvt/ovcesa2009_1180.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1179 (bind) File : nvt/ovcesa2009_1179.nasl |
2009-08-17 | Name : SuSE Security Advisory SUSE-SA:2009:040 (bind) File : nvt/suse_sa_2009_040.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1179 File : nvt/RHSA_2009_1179.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:181 (bind) File : nvt/mdksa_2009_181.nasl |
2009-08-17 | Name : Ubuntu USN-808-1 (bind9) File : nvt/ubuntu_808_1.nasl |
2009-08-17 | Name : Gentoo Security Advisory GLSA 200908-02 (bind) File : nvt/glsa_200908_02.nasl |
2009-08-17 | Name : FreeBSD Ports: bind9 File : nvt/freebsd_bind91.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8119 (bind) File : nvt/fcore_2009_8119.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1847-1 (bind9) File : nvt/deb_1847_1.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1181 File : nvt/RHSA_2009_1181.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1180 File : nvt/RHSA_2009_1180.nasl |
2009-08-14 | Name : HP-UX Update for BIND HPSBUX02451 File : nvt/gb_hp_ux_HPSBUX02451.nasl |
2009-07-29 | Name : FreeBSD Security Advisory (FreeBSD-SA-09:12.bind.asc) File : nvt/freebsdsa_bind7.nasl |
2009-07-29 | Name : ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability File : nvt/bind_cve_2009_0696.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-210-01 bind File : nvt/esoft_slk_ssa_2009_210_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56584 | ISC BIND Dynamic Update Message Handling Remote DoS BIND contains a flaw that may allow a remote denial of service. The issue is triggered when when a server receives a dynamic update message containing a record type of "ANY" and where at least one RRset for this FQDN exists on the server, and will result in loss of availability for the platform. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | ISC BIND dynamic update message denial of service attempt RuleID : 15734 - Revision : 6 - Type : PROTOCOL-DNS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-21 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL10366.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1181.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1180.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1179.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56317.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56311.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56312.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56313.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56314.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56315.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56316.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote AIX host is missing a security patch. File : aix_IZ56318.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090730_bind_security_for_SL_4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090730_bind_for_SL_5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090730_bind_for_SL_3_0_x.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-210-01.nasl - Type : ACT_GATHER_INFO |
2010-06-07 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_40339.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1847.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1179.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_bind-6383.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_bind-6382.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_bind-090729.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12462.nasl - Type : ACT_GATHER_INFO |
2009-08-13 | Name : The remote host is missing a Mac OS X update that fixes a denial of service i... File : macosx_SecUpd2009-004.nasl - Type : ACT_GATHER_INFO |
2009-08-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200908-02.nasl - Type : ACT_GATHER_INFO |
2009-08-03 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_83725c917c7e11de967200e0815b8da8.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote name server may be affected by a denial of service vulnerability. File : bind9_dyn_update_DoS.nasl - Type : ACT_DENIAL |
2009-07-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1180.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_bind-090729.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_bind-090729.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1181.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-8119.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1181.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1180.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1179.nasl - Type : ACT_GATHER_INFO |
2009-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-181.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-808-1.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote name server may be affected by a denial of service vulnerability. File : bind9_dos3.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 114265-23 File : solaris9_x86_114265.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote host is missing Sun Security Patch number 112837-24 File : solaris9_112837.nasl - Type : ACT_GATHER_INFO |
2007-06-18 | Name : The remote host is missing Sun Security Patch number 119784-40 File : solaris10_x86_119784.nasl - Type : ACT_GATHER_INFO |
2007-06-18 | Name : The remote host is missing Sun Security Patch number 119783-40 File : solaris10_119783.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109327-24 File : solaris8_x86_109327.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109326-24 File : solaris8_109326.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:08 |
|