Security Scan fix for PCI-DSS

Gareth-AWD

One of our customers needs a valid CVSS scan of our server. However, when I scan I get a fail on:

ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure dns (53/udp)
CVE-2012-1667

I have the latest version of BIND installed that cPanel supports.

Any ideas how to fix this apparent vulnerability?
 

dalem

It's patched. You need to submit the changelog to them; example below:

rpm -q --changelog bind-9.8.2-0.37.rc1.el6_7.4 | grep CVE-2012-1667
- fix CVE-2012-1667
 

cPanelMichael

Hello :)

The OS vendor backports patches, known as CVEs, for Bind. You can use the following command to verify this and provide it to the compliance company:

Code:
rpm -q --changelog bind | grep CVE
Thank you.
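
The changelog check described in the replies above, extended to a list of scanner-reported CVE IDs so that each finding is paired with the changelog entry that addresses it. This is an added example, not part of the original thread; the function names, the sample changelog text, its packager and version strings, and the IDs `CVE-2012-16670` and `CVE-0000-0000` are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): pair scanner-reported CVE IDs with the
# rpm changelog entries that mention them, as evidence of a backported fix.

# Constructed stand-in for `rpm -q --changelog bind` output.
sample_changelog() {
cat <<'EOF'
* Thu Jan 01 2015 Example Packager <pkg@example.com> - 9.8.2-EXAMPLE.2
- fix CVE-2012-16670 (constructed near-miss ID)
* Wed Jan 01 2014 Example Packager <pkg@example.com> - 9.8.2-EXAMPLE.1
- fix CVE-2012-1667
EOF
}

# cve_evidence CVE-ID   (changelog text on stdin)
# Prints "<entry header> :: <matching line>" for each hit; exits 1 if none.
cve_evidence() {
    awk -v cve="$1" '
        /^\* / { header = $0; next }   # entry header: date, packager, version
        # The ID must not be followed by a digit, so CVE-2012-1667 does not
        # match inside the longer CVE-2012-16670.
        $0 ~ (cve "([^0-9]|$)") { print header " :: " $0; found = 1 }
        END { exit found ? 0 : 1 }
    '
}

# report CHANGELOG_TEXT CVE-ID...
# One line per CVE; returns non-zero if any ID has no changelog entry.
report() {
    log=$1; shift
    missing=0
    for cve in "$@"; do
        if hit=$(printf '%s\n' "$log" | cve_evidence "$cve"); then
            printf 'PATCHED  %s  %s\n' "$cve" "$hit"
        else
            printf 'NO-ENTRY %s\n' "$cve"
            missing=1
        fi
    done
    return "$missing"
}

# On a real host: report "$(rpm -q --changelog bind)" CVE-2012-1667
report "$(sample_changelog)" CVE-2012-1667 CVE-0000-0000 || true
```

A `NO-ENTRY` result only means the installed package's changelog does not mention that ID; it is not by itself proof that the package is vulnerable.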