oval:org.mitre.oval:def:12722

Definition Id: oval:org.mitre.oval:def:12722

Oval ID:	oval:org.mitre.oval:def:12722
Title:	DSA-2130-1 bind9 -- several
Description:	Several remote vulnerabilities have been discovered in BIND, an implementation of the DNS protocol suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3762 When DNSSEC validation is enabled, BIND does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service via a DNS query. CVE-2010-3614 BIND does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which may lead to zone unavailability during rollovers. CVE-2010-3613 BIND does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service via a query for cached data. In addition, this security update improves compatibility with previously installed versions of the bind9 package. As a result, it is necessary to initiate the update with "apt-get dist-upgrade" instead of "apt-get update". For the stable distribution, these problems have been fixed in version 1:9.6.ESV.R3+dfsg-0+lenny1. For the upcoming stable distribution and the unstable distribution, these problems have been fixed in version 1:9.7.2.dfsg.P3-1. We recommend that you upgrade your bind9 packages.
Family:	unix	Class:	patch
Reference(s):	DSA-2130-1 CVE-2010-3762 CVE-2010-3614 CVE-2010-3613	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):	bind9
Definition Synopsis:
Debian GNU/Linux 5.0 is installed Architecture section Architecture independet section Installed architecture is all AND ind9-doc DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 OR Architecture depended section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section libbind-dev DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND libisccc50 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND libbind9-50 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND libisc50 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND ind9 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND ind9utils DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND liblwres50 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND libisccfg50 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND nsutils DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND libdns58 DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND ind9-host DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1 AND lwresd DPKG is earlier than 1:9.6.ESV.R3+dfsg-0+lenny1

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:12722

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0286s

Facebook rss twitter linkedin mail