Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-888-1.NASL
HistoryJan 21, 2010 - 12:00 a.m.

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : bind9 vulnerabilities (USN-888-1)

2010-01-2100:00:00
Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.013

Percentile

85.8%

JSON

It was discovered that Bind would incorrectly cache bogus NXDOMAIN responses. When DNSSEC validation is in use, a remote attacker could exploit this to cause a denial of service, and possibly poison DNS caches. (CVE-2010-0097)

USN-865-1 provided updated Bind packages to fix a security vulnerability. The upstream security patch to fix CVE-2009-4022 was incomplete and CVE-2010-0290 was assigned to the issue. This update corrects the problem.

Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-888-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(44106);
  script_version("1.17");
  script_cvs_date("Date: 2019/09/19 12:54:26");

  script_cve_id("CVE-2009-4022", "CVE-2010-0097", "CVE-2010-0290");
  script_bugtraq_id(37865);
  script_xref(name:"USN", value:"888-1");

  script_name(english:"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : bind9 vulnerabilities (USN-888-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that Bind would incorrectly cache bogus NXDOMAIN
responses. When DNSSEC validation is in use, a remote attacker could
exploit this to cause a denial of service, and possibly poison DNS
caches. (CVE-2010-0097)

USN-865-1 provided updated Bind packages to fix a security
vulnerability. The upstream security patch to fix CVE-2009-4022 was
incomplete and CVE-2010-0290 was assigned to the issue. This update
corrects the problem.

Michael Sinatra discovered that Bind did not correctly validate
certain records added to its cache. When DNSSEC validation is in use,
a remote attacker could exploit this to spoof DNS entries and poison
DNS caches. Among other things, this could lead to misdirected email
and web traffic.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/888-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:bind9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:bind9-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:bind9-host");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:bind9utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:dnsutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libbind-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libbind9-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libbind9-30");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libbind9-40");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libbind9-50");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns21");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns23");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns35");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns36");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns43");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns44");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns45");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns46");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns50");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns53");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisc11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisc35");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisc44");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisc45");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisc50");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccc0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccc30");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccc40");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccc50");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccfg1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccfg30");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccfg40");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libisccfg50");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liblwres30");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liblwres40");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liblwres50");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liblwres9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:lwresd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/01/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(6\.06|8\.04|8\.10|9\.04|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"6.06", pkgname:"bind9", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"bind9-doc", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"bind9-host", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"dnsutils", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libbind-dev", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libbind9-0", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libdns21", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libdns23", pkgver:"1:9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libisc11", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libisccc0", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libisccfg1", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"liblwres9", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"lwresd", pkgver:"9.3.2-2ubuntu1.11")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"bind9", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"bind9-doc", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"bind9-host", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"dnsutils", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libbind-dev", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libbind9-30", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libdns35", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libdns36", pkgver:"1:9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libisc35", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libisccc30", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libisccfg30", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"liblwres30", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"lwresd", pkgver:"9.4.2.dfsg.P2-2ubuntu0.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"bind9", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"bind9-doc", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"bind9-host", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"bind9utils", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"dnsutils", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libbind-dev", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libbind9-40", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libdns43", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libdns44", pkgver:"1:9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libisc44", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libisccc40", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libisccfg40", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"liblwres40", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"lwresd", pkgver:"9.5.0.dfsg.P2-1ubuntu3.5")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"bind9", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"bind9-doc", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"bind9-host", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"bind9utils", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"dnsutils", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libbind-dev", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libbind9-40", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libdns45", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libdns46", pkgver:"1:9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libisc45", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libisccc40", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libisccfg40", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"liblwres40", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"lwresd", pkgver:"9.5.1.dfsg.P2-1ubuntu0.4")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"bind9", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"bind9-doc", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"bind9-host", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"bind9utils", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"dnsutils", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libbind-dev", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libbind9-50", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libdns50", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libdns53", pkgver:"1:9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libisc50", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libisccc50", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libisccfg50", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"liblwres50", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"lwresd", pkgver:"9.6.1.dfsg.P1-3ubuntu0.3")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind9 / bind9-doc / bind9-host / bind9utils / dnsutils / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxlibdns50p-cpe:/a:canonical:ubuntu_linux:libdns50
canonicalubuntu_linuxliblwres40p-cpe:/a:canonical:ubuntu_linux:liblwres40
canonicalubuntu_linuxliblwres30p-cpe:/a:canonical:ubuntu_linux:liblwres30
canonicalubuntu_linuxlibdns21p-cpe:/a:canonical:ubuntu_linux:libdns21
canonicalubuntu_linuxlibisc50p-cpe:/a:canonical:ubuntu_linux:libisc50
canonicalubuntu_linuxlibbind9-50p-cpe:/a:canonical:ubuntu_linux:libbind9-50
canonicalubuntu_linuxlibdns36p-cpe:/a:canonical:ubuntu_linux:libdns36
canonicalubuntu_linuxlibisc45p-cpe:/a:canonical:ubuntu_linux:libisc45
canonicalubuntu_linuxlibisccfg1p-cpe:/a:canonical:ubuntu_linux:libisccfg1
canonicalubuntu_linuxlibdns23p-cpe:/a:canonical:ubuntu_linux:libdns23
Rows per page:
1-10 of 431

Related

ubuntu 2
nessus 49
openvas 58
securityvulns 6
oraclelinux 2
gentoo 1
centos 2
redhat 3
debiancve 4
nvd 4
cve 4
cvelist 4
fedora 4
veracode 3
prion 4
slackware 2
f5 7
ubuntucve 4
debian 3
osv 2
altlinux 4
cert 2
suse 2
freebsd_advisory 1
checkpoint_security 1
seebug 1
vmware 4
ubuntu
ubuntu
Bind vulnerabilities
2010-01-20 00:00:00
Bind vulnerability
2009-12-07 00:00:00
nessus
nessus
Scientific Linux Security Update : bind on SL5.x i386/x86_64
2012-08-01 00:00:00
SuSE 11 Security Update : bind (SAT Patch Number 1844)
2010-01-26 00:00:00
openSUSE Security Update : bind (bind-1843)
2010-01-26 00:00:00
openvas
openvas
Ubuntu Update for bind9 vulnerabilities USN-888-1
2010-01-22 00:00:00
RedHat Update for bind RHSA-2010:0062-02
2010-01-25 00:00:00
CentOS Update for bind CESA-2010:0062 centos5 i386
2011-08-09 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:021 ] bind
2010-01-21 00:00:00
rPSA-2010-0018-1 bind bind-utils caching-nameserver
2010-03-17 00:00:00
bind DNS server cache poisoning
2010-03-17 00:00:00
oraclelinux
oraclelinux
bind security update
2010-01-20 00:00:00
bind security update
2009-11-30 00:00:00
gentoo
gentoo
BIND: Multiple vulnerabilities
2010-06-01 00:00:00
centos
centos
bind, caching security update
2010-01-20 17:59:57
bind, caching security update
2009-12-17 12:39:21
redhat
redhat
(RHSA-2010:0062) Moderate: bind security update
2010-01-20 00:00:00
(RHSA-2009:1620) Moderate: bind security update
2009-11-30 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
debiancve
debiancve
CVE-2010-0290
2010-01-22 22:00:00
CVE-2010-0097
2010-01-22 22:00:00
CVE-2009-4022
2009-11-25 16:30:00
nvd
nvd
CVE-2010-0290
2010-01-22 22:00:00
CVE-2010-0097
2010-01-22 22:00:00
CVE-2009-4022
2009-11-25 16:30:00
cve
cve
CVE-2010-0290
2010-01-22 22:00:00
CVE-2010-0097
2010-01-22 22:00:00
CVE-2009-4022
2009-11-25 16:30:00
cvelist
cvelist
CVE-2010-0290
2010-01-22 21:20:00
CVE-2009-4022
2009-11-25 16:00:00
CVE-2010-0097
2010-01-22 21:20:00
fedora
fedora
[SECURITY] Fedora 12 Update: bind-9.6.1-15.P3.fc12
2010-01-21 00:14:47
[SECURITY] Fedora 11 Update: bind-9.6.1-9.P3.fc11
2010-01-21 00:13:26
[SECURITY] Fedora 12 Update: bind-9.6.1-13.P2.fc12
2009-11-27 21:43:51
veracode
veracode
Cache Poisoning Attack
2020-04-10 00:41:38
Cache Poisoning Attack
2020-04-10 00:41:37
Cache Poisoning Attack
2020-04-10 00:41:27
prion
prion
Design/Logic Flaw
2010-01-22 22:00:00
Code injection
2010-01-22 22:00:00
Design/Logic Flaw
2009-11-25 16:30:00
slackware
slackware
[slackware-security] bind
2010-06-25 18:32:41
bind
2009-12-02 17:30:47
f5
f5
SOL15748 - BIND vulnerability CVE-2010-0290
2014-10-27 00:00:00
K15748 : BIND vulnerability CVE-2010-0290
2014-10-27 00:00:00
SOL17025 - BIND DNSSEC vulnerability CVE-2010-0097
2015-07-30 00:00:00
ubuntucve
ubuntucve
CVE-2010-0290
2010-01-19 00:00:00
CVE-2010-0097
2010-01-19 00:00:00
CVE-2009-4022
2009-11-25 00:00:00
debian
debian
[SECURITY] [DSA 2054-2] New bind9 packages fix cache poisoning
2010-06-15 20:05:57
[SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning
2010-06-04 19:22:30
[SECURITY] [DSA 1961-1] New bind9 packages fix cache poisoning
2009-12-23 07:07:33
osv
osv
bind9 - cache poisoning
2010-06-04 00:00:00
bind9 - cache poisoning
2009-12-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package bind version 9.3.6-alt7
2011-12-16 00:00:00
Security fix for the ALT Linux 6 package bind version 9.3.6-alt7
2011-12-16 00:00:00
Security fix for the ALT Linux 7 package bind version 9.3.6-alt7
2011-12-16 00:00:00
cert
cert
BIND DNS Nameserver, DNSSEC validation Vulnerability
2009-12-01 00:00:00
BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses
2010-01-19 00:00:00
suse
suse
DNSSEC cache poisoning in bind
2009-12-02 11:21:35
remote code execution in acroread
2010-01-26 16:40:23
freebsd_advisory
freebsd_advisory
FreeBSD-SA-10:01.bind
2010-01-06 00:00:00
checkpoint_security
checkpoint_security
Check Point response to vulnerability in ISC BIND (CVE-2009-4022) on UTM-1 Edge
2010-01-14 22:00:00
seebug
seebug
ISC BIND 9 DNSSEC查询响应远程缓存中毒漏洞
2009-11-27 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.013

Percentile

85.8%

JSON
Related for UBUNTU_USN-888-1.NASL
ubuntu2nessus49openvas58securityvulns6oraclelinux2gentoo1centos2redhat3debiancve4nvd4cve4cvelist4fedora4veracode3prion4slackware2f57ubuntucve4debian3osv2altlinux4cert2suse2freebsd_advisory1checkpoint_security1seebug1vmware4