RESULTS:

Package            Installed Version                Required Version
kernel             3.10.0-693.17.1.el7.x86_64       3.10.0-862.2.3.el7
kernel-tools       3.10.0-693.17.1.el7.x86_64       3.10.0-862.2.3.el7
kernel-tools-libs  3.10.0-693.17.1.el7.x86_64       3.10.0-862.2.3.el7
python-perf        3.10.0-693.17.1.el7.x86_64       3.10.0-862.2.3.el7

4 Red Hat Update for bind (RHSA-2019:1294) CVSS: - CVSS3: 6.5 Active

QID: 237259
Category: RedHat
CVE ID: CVE-2018-5743
Vendor Reference: RHSA-2019:1294
Bugtraq ID: -
Service Modified: 02/11/2019
User Modified: -
CVSS Base: 4.3
CVSS Temporal: 3.2
CVSS3 Base: 7.5
CVSS3 Temporal: 6.5
Edited: No
PCI Vuln: No
Ticket State:

First Detected: 09/02/2021 at 11:01:52 PM (GMT+0100)
Last Detected: 11/02/2021 at 09:54:24 PM (GMT+0100)
Times Detected: 11
Last Fixed: N/A

CVSS Environment:
Asset Group: -
Collateral Damage Potential: -
Target Distribution: -
Confidentiality Requirement: -
Integrity Requirement: -
Availability Requirement: -

THREAT:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols.
Security Fix: bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux for ARM 64 7 aarch64
Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le

IMPACT:
On successful exploitation it could allow an attacker to execute code.

SOLUTION:
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system (https://access.redhat.com/articles/11258) for details.
Refer to Red Hat security advisory RHSA-2019:1294 (https://access.redhat.com/errata/RHSA-2019:1294) to address this issue and obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
RHSA-2019:1294: Red Hat Enterprise Linux (https://access.redhat.com/errata/RHSA-2019:1294)

COMPLIANCE:
Not Applicable

EXPLOITABILITY:

CO-NO PROD page 204
