AIX 5.3 TL 12 : bind (IV85298) (deprecated)
high Nessus Plugin ID 91686
Language:
Synopsis
This plugin has been deprecated.Description
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause the named process to crash. ISC BIND is vulnerable to a denial of service, caused by an error when parsing signature records for DNAME resource records. A remote attacker could exploit this vulnerability to trigger an assertion failure in resolver.c or db.c and cause the named process to crash.This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory12.nasl (plugin id 102124).
Solution
n/aSee Also
http://aix.software.ibm.com/aix/efixes/security/bind_advisory12.asc
Plugin Details
Severity: High
ID: 91686
File Name: aix_IV85298.nasl
Version: Revision: 2.5
Type: local
Family: AIX Local Security Checks
Published: 6/20/2016
Updated: 8/3/2017
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS v3
Risk Factor: High
Base Score: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Information
CPE: cpe:/o:ibm:aix:5.3
Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version
Patch Publication Date: 6/17/2016
Vulnerability Publication Date: 6/17/2016
Reference Information
CVE: CVE-2016-1285, CVE-2016-1286