Oval Definition:oval:org.mitre.oval:def:19901
Revision Date:2015-04-20Version:29
Title:HP-UX Running BIND, Remote Domain Name Revalidation
Description:The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2012-1033
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02835
  • HP-UX B.11.31
  • AND filesets tests
  • NameService.BIND-AUX version is less than C.9.7.3.1.0
  • OR NameService.BIND-RUN version is less than C.9.7.3.1.0
  • OR Criteria meets HP Security Bulletin HPSBUX02835
  • HP-UX B.11.11
  • AND BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.13.0
  • OR Criteria meets HP Security Bulletin HPSBUX02835
  • HP-UX B.11.23
  • AND filesets tests
  • BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.13.0
  • OR BindUpgrade.BIND2-UPGRADE version is less than C.9.3.2.13.0
  • OR Criteria meets HP Security Bulletin HPSBUX02835
  • HP-UX B.11.31
  • AND filesets tests
  • NameService.BIND-AUX version is less than C.9.3.2.15.0
  • OR NameService.BIND-RUN version is less than C.9.3.2.15.0
  • OR Criteria meets HP Security Bulletin HPSBUX02835
  • HP-UX B.11.11
  • AND BINDv920.INET-SVCS-BIND version is less than B.11.00.01.004
  • OR Criteria meets HP Security Bulletin HPSBUX02835
  • HP-UX B.11.23
  • AND filesets tests
  • InternetSrvcs.INETSVCS-INETD is installed
  • OR InternetSrvcs.INETSVCS-RUN is installed
  • OR InternetSrvcs.INETSVCS2-RUN is installed
  • AND NOT Patch PHNE_43369 is installed
    • BACK