AIX 7.1 TL 3 : bind (IV81280) (deprecated)

Medium Nessus Plugin ID 90718

Synopsis

This plugin has been deprecated.

Description

ISC BIND is vulnerable to a denial of service, caused by improper bounds checking in apl_42.c. By sending specially crafted Address Prefix List (APL) data, a remote authenticated attacker could exploit this vulnerability to trigger an INSIST assertion failure and cause the named process to terminate.

This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory11.nasl (plugin id 102123).

Solution

n/a

See Also

http://aix.software.ibm.com/aix/efixes/security/bind_advisory11.asc

Plugin Details

Severity: Medium

ID: 90718

File Name: aix_IV81280.nasl

Version: $Revision: 2.3 $

Type: local

Published: 2016/04/27

Modified: 2017/08/03

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSSv3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.1

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version

Patch Publication Date: 2016/04/25

Vulnerability Publication Date: 2016/04/25

Reference Information

CVE: CVE-2015-8704