AIX 5.3 TL 12 : bind (IV85298) (deprecated)

Medium Nessus Plugin ID 91686

Synopsis

This plugin has been deprecated.

Description

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause the named process to crash. ISC BIND is vulnerable to a denial of service, caused by an error when parsing signature records for DNAME resource records. A remote attacker could exploit this vulnerability to trigger an assertion failure in resolver.c or db.c and cause the named process to crash.

This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory12.nasl (plugin id 102124).

Solution

n/a

See Also

http://aix.software.ibm.com/aix/efixes/security/bind_advisory12.asc

Plugin Details

Severity: Medium

ID: 91686

File Name: aix_IV85298.nasl

Version: $Revision: 2.5 $

Type: local

Published: 2016/06/20

Modified: 2017/08/03

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSSv3

Base Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/o:ibm:aix:5.3

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version

Patch Publication Date: 2016/06/17

Vulnerability Publication Date: 2016/06/17

Reference Information

CVE: CVE-2016-1285, CVE-2016-1286