Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.63243
Category:FreeBSD Local Security Checks
Title:FreeBSD Security Advisory (FreeBSD-SA-09:04.bind.asc)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-09:04.bind.asc

BIND 9 is an implementation of the Domain Name System (DNS) protocols.
The named(8) daemon is an Internet Domain Name Server. DNS Security
Extensions (DNSSEC) are additional protocol options that add
authentication as part of responses to DNS queries.

FreeBSD includes software from the OpenSSL Project. The OpenSSL
Project is a collaborative effort to develop a robust,
commercial-grade, full-featured Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols as well as a full-strength general purpose cryptography
library.

The DSA_do_verify() function from OpenSSL is used to determine if a
DSA digital signature is valid. When DNSSEC is used within BIND it
uses DSA_do_verify() to verify DSA signatures, but checks the function
return value incorrectly.

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date

https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:04.bind.asc

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-0025
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BugTraq ID: 33151
http://www.securityfocus.com/bid/33151
Bugtraq: 20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses (Google Search)
http://www.securityfocus.com/archive/1/499827/100/0/threaded
Bugtraq: 20090120 rPSA-2009-0009-1 bind bind-utils (Google Search)
http://www.securityfocus.com/archive/1/500207/100/0/threaded
Bugtraq: 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim (Google Search)
http://www.securityfocus.com/archive/1/502322/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00393.html
FreeBSD Security Advisory: FreeBSD-SA-09:04
http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc
HPdes Security Advisory: HPSBOV03226
http://marc.info/?l=bugtraq&m=141879471518471&w=2
HPdes Security Advisory: SSRT101004
http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/49ef622c8329fd33
http://www.ocert.org/advisories/ocert-2008-016.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10879
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5569
http://secunia.com/advisories/33494
http://secunia.com/advisories/33546
http://secunia.com/advisories/33551
http://secunia.com/advisories/33559
http://secunia.com/advisories/33683
http://secunia.com/advisories/33882
http://secunia.com/advisories/35074
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.540362
http://sunsolve.sun.com/search/document.do?assetkey=1-26-250846-1
http://www.vupen.com/english/advisories/2009/0043
http://www.vupen.com/english/advisories/2009/0366
http://www.vupen.com/english/advisories/2009/0904
http://www.vupen.com/english/advisories/2009/1297
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.