Amazon Linux: Security Advisory (ALAS-2015-566)
Information
Severity
Severity
High
Family
Family
Amazon Linux Local Security Checks
CVSSv2 Base
CVSSv2 Base
7.8
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
6 years ago
Modified
Modified
5 months ago
Summary
The remote host is missing an update announced via the referenced Security Advisory.
Insight
Insight
A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND (functioning as a DNS resolver with DNSSEC validation enabled) resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.
Solution
Solution
Run yum update bind to update your system.
Common Vulnerabilities and Exposures (CVE)
Free Vulnerability Scanner
Mageni can help you to scan, assess and manage your vulnerabilities.