Scientific Linux Security Update : bind on SL7.x x86_64

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- A flaw was found in the way BIND handled TSIG
authentication for dynamic updates. A remote attacker
able to communicate with an authoritative BIND server
could use this flaw to manipulate the contents of a
zone, by forging a valid TSIG or SIG(0) signature for a
dynamic update request. (CVE-2017-3143)

- A flaw was found in the way BIND handled TSIG
authentication of AXFR requests. A remote attacker, able
to communicate with an authoritative BIND server, could
use this flaw to view the entire contents of a zone by
sending a specially constructed request packet.
(CVE-2017-3142)

Bug Fix(es) :

- ICANN is planning to perform a Root Zone DNSSEC Key
Signing Key (KSK) rollover during October 2017.
Maintaining an up-to-date KSK, by adding the new root
zone KSK, is essential for ensuring that validating DNS
resolvers continue to function following the rollover.

See also :

http://www.nessus.org/u?ddee4915

Solution :

Update the affected packages.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 101257

CVE ID: CVE-2017-3142, CVE-2017-3143
