-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathporkbind.conf
18 lines (18 loc) · 1.4 KB
/
porkbind.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# The first ruleset tests two branches of BIND development and states:
# If BIND version is less than 4.9.6, OR less than 8.8.1 _AND_ greater than 8.
# Condition Vulnerability Advisory
#
>4&<4.9.6|>8&<8.1.1 "Cache Poisoning" CVE-1999-0024,CA-97.22
>8.2&<8.2.2 "NXT Bug" CVE-1999-0833,CA-99-14
>4&<4.9|>8&<8.1.2 "Inverse Query Buffer Overrun" CVE-1999-0009,CA-98.05
>4&<4.9|>8&<8.1.2 "Denial-of-Service Vulnerablities" CVE-1999-0009,CA-98.05
>4&<4.9.5 "nslookupComplain Buffer Overflow" CVE-2001-0013,CA-2001-02
>8.2&<8.2.3 "TSIG Buffer Overflow" CVE-2001-0013,CA-2001-02
>4.9&<4.9.8|>8.2&<8.2.3 "Environment Variable Disclosure" CVE-2001-0013,CA-2001-02
>9&<9.2.1 "dns_message_findtype Denial of Service" CVE-2002-0400,CA-2002-15
>4.9.4&<4.9.11|>8.2&<8.2.7|>8.3&<8.3.4 "Malformed SIG Overflow" CVE-2002-1220,CA-2002-31
>8.2&<8.2.7|>8.3&<8.3.4 "SIG RR NULL pointer dereference" CVE-2002-1221,CA-2002-31
>8&<8.3.3-P1 "Cryptographically weak DNS Query ID's" CVE-2007-2930,CERT-VU#927905
>9.2&<9.2.8-P1|>9.3&<9.3.4-P1|>9.4&<9.4.1-P1|>9.5&<9.5.0a6 "Cryptographically weak DNS Query ID's" CVE-2007-2926,CERT-VU#252735
>8&<9|>9&<9.3|>9.3&<9.3.5|>9.4&<9.4.3|>9.5&<9.5.0b2 "Buffer Overflow in inet_network" CVE-2008-0122,CERT-VU#203611
>8&<9|>9&<9.3|>9.3&<9.3.5-P1|>9.4&<9.4.2-P1|>9.4&<9.4.3b2|>9.5&<9.5.0-P1 "Cache Poisoning" CVE-2008-1447,TA08-190B