AIX 7.2 : bos.net.tcp.bind_utils (U870384)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote AIX host is missing a vendor-supplied security patch.

Description :

The remote host is missing AIX PTF U870384, which is related to the
security of the package bos.net.tcp.bind_utils.

ISC BIND is vulnerable to a denial of service, caused by an error in
db.c when parsing incoming responses. A remote attacker could exploit
this vulnerability to trigger a REQUIRE assertion failure and cause a
denial of service.

ISC BIND is vulnerable to a denial of service, caused by improper
bounds checking in apl_42.c. By sending specially crafted Address
Prefix List (APL) data, a remote authenticated attacker could exploit
this vulnerability to trigger an INSIST assertion failure and cause
the named process to terminate.

See also :

http://www-01.ibm.com/support/docview.wss?uid=isg1IV80192
http://www-01.ibm.com/support/docview.wss?uid=isg1IV81282

Solution :

Install the appropriate missing security-related fix.

Risk factor :

High

Family: AIX Local Security Checks

Nessus Plugin ID: 91238 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now