Language:
https://security-tracker.debian.org/tracker/source-package/bind9
https://www.debian.org/security/2022/dsa-5105
https://security-tracker.debian.org/tracker/CVE-2021-25220
https://security-tracker.debian.org/tracker/CVE-2022-0396
Severity: Medium
ID: 159109
File Name: debian_DSA-5105.nasl
Version: 1.7
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 3/21/2022
Updated: 12/12/2022
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Factor: Medium
Score: 4.4
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS Score Source: CVE-2021-25220
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:libbind9-161, p-cpe:/a:debian:debian_linux:libisccfg-export163, p-cpe:/a:debian:debian_linux:bind9-doc, cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:libbind-dev, p-cpe:/a:debian:debian_linux:libbind-export-dev, p-cpe:/a:debian:debian_linux:bind9-dnsutils, p-cpe:/a:debian:debian_linux:libisccc-export161, p-cpe:/a:debian:debian_linux:bind9-dev, p-cpe:/a:debian:debian_linux:dnsutils, p-cpe:/a:debian:debian_linux:bind9-host, p-cpe:/a:debian:debian_linux:libdns1104, p-cpe:/a:debian:debian_linux:libirs-export161, p-cpe:/a:debian:debian_linux:libisccc161, p-cpe:/a:debian:debian_linux:bind9-utils, p-cpe:/a:debian:debian_linux:libisccfg163, p-cpe:/a:debian:debian_linux:bind9utils, p-cpe:/a:debian:debian_linux:liblwres161, p-cpe:/a:debian:debian_linux:libisc1100, p-cpe:/a:debian:debian_linux:libdns-export1104, p-cpe:/a:debian:debian_linux:libisc-export1100, p-cpe:/a:debian:debian_linux:libirs161, p-cpe:/a:debian:debian_linux:bind9, p-cpe:/a:debian:debian_linux:bind9-libs
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Ease: No known exploits are available
Patch Publication Date: 3/18/2022
Vulnerability Publication Date: 3/16/2022
CVE: CVE-2021-25220, CVE-2022-0396
IAVA: 2022-A-0122-S