[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Vulnerabilidad CVE-2021-25216 (libdns-export1104 y libisc-export1100)

Buenas.

Revisando las vulnerabilidades me he topado con esta que es bastante
antigua y no entiendo muy bien porque no se ha actualizado.

Estoy utilizando Wazuh como SIEM y me detecta esta vulnerabilidad en
los servidores Debian. Resulta que tengo instalado en estos equipos la
versión de bind9 actualizada y parcheada, pero no tengo actualizado
ninguno de estos paquetes:
libdns-export1104
libisc-export1100

Os paso la información del paquete instalado y del bind9

Os ocurre a vosotros lo mismo????
No encuentro la forma de parchear esos paquetes o si incluso los puedo eliminar.

Package: libdns-export1104
Version: 1:9.11.5.P4+dfsg-5.1+deb10u5
Status: install ok installed
Priority: optional
Section: libs
Source: bind9
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Installed-Size: 2.474 kB
Depends: libc6 (>= 2.14), libisc-export1100, libssl1.1 (>= 1.1.1)
Homepage: https://www.isc.org/downloads/bind/
Download-Size: desconocido
APT-Manual-Installed: yes
APT-Sources: /var/lib/dpkg/status
Description: Exported DNS Shared Library
 The Berkeley Internet Name Domain (BIND) implements an Internet domain
 name server.  BIND is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package delivers the exported libdns shared library.


Package: bind9
Version: 1:9.18.19-1~deb12u1
Priority: optional
Section: net
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Installed-Size: 1.159 kB
Pre-Depends: init-system-helpers (>= 1.54~)
Depends: adduser, bind9-libs (= 1:9.18.19-1~deb12u1), bind9-utils (=
1:9.18.19-1~deb12u1), debconf | debconf-2.0, dns-root-data, iproute2,
lsb-base (>= 3.2-14), netbase, libc6 (>= 2.34), libcap2 (>= 1:2.10),
libfstrm0 (>= 0.2.0), libjson-c5 (>= 0.15), liblmdb0 (>= 0.9.7),
libmaxminddb0 (>= 1.3.0), libnghttp2-14 (>= 1.3.0), libprotobuf-c1 (>=
1.0.0), libssl3 (>= 3.0.0), libsystemd0, libuv1 (>= 1.40.0), libxml2
(>= 2.7.4), zlib1g (>= 1:1.1.4)
Suggests: bind-doc, dnsutils, resolvconf, ufw
Breaks: bind (<< 1:9.13.6~)
Replaces: bind (<< 1:9.13.6~)
Homepage: https://www.isc.org/downloads/bind/
Download-Size: 494 kB
APT-Sources: http://security.debian.org/debian-security
bookworm-security/main amd64 Packages
Description: Internet Domain Name Server
 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server.  BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package provides the server and related configuration files.
Reply to: