PorkBind updated to 1.3.
PorkBind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings. (i.e. sub.host.dom’s nameservers then host.dom’s nameservers) After acquiring the version strings it tests them against version numbers from CERT advisories and reports back to the user. Zone transfer capability is also tested for
The new release comes with some changes. I’ve exchanged some emails with the tool’s author (Derek Callaway) and made him a request (add CVE Ids).
Now the tool scans for 14 flaws and reports CVE numbers. For those who wants to get more info about the vulnerabilities associated with their OVAL ID, CVSS v2, CPE, CWE just past the CVE into the link
http://www.security-database.com./detail.php?alert=YOUR-CVE-HERE.
The main list of CVE’s reported by PorkBind could be reached here
Changes :
- Wrote in-a-bind shell script that scans random domain names from DMOZ
Implemented recursive query testing - Changed porkbind.conf to use CVE numbers in addition to CERT alerts
- Modified text displayed on stdout to make it more parsable
- Licensed with GNU Lesser General Public License
- Fixed timeout/concurrency/memory corruption bugs
- Fixed improper comparison of alpha/beta version numbering bug
- Added typecasts to silence compiler warnings
Post scriptum
Compliance Mandates
|
Related Articles
Configurations checks |
|
PorkBind |
|
Vulnerability Scanner |
|