
Security Scan fix for PCI-DSS

Discussion in 'Security' started by Gareth-AWD, Oct 1, 2015.

  1. Gareth-AWD

    Gareth-AWD Well-Known Member

    One of our customers needs a valid CVSS scan of our server. However, when I scan I get a fail on:

    ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure dns (53/udp)
    CVE-2012-1667

    I have the latest version of BIND installed that cPanel supports.

    Any ideas how to fix this apparent vulnerability?
     
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    It's patched; you need to submit the change log to them. Example below:

    rpm -q --changelog bind-9.8.2-0.37.rc1.el6_7.4 | grep CVE-2012-1667
    - fix CVE-2012-1667
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Hello :)

    The OS vendor backports patches, known as CVEs, for Bind. You can use the following command to verify this and provide it to the compliance company:

    Code:
    rpm -q --changelog bind | grep CVE
    Thank you.
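
The changelog check from the replies above, written as a reusable script. This is an added example, not code from the thread or from cPanel. It matches whole CVE IDs only, so a longer ID cannot produce a false "fixed" result. The function names, the sample changelog and its placeholder header line are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: confirm that a package changelog records a fix for each CVE
# a scanner flagged, matching whole IDs only.

# Constructed sample changelog (header line is a placeholder, not real rpm output).
SAMPLE_CHANGELOG='* Thu Jan 01 2015 Example Packager <packager@example.com> - 0:0.0-0.example
- fix CVE-2012-1667
- unrelated change'

# check_cves ID... : reads changelog text on stdin, prints one FIXED/MISSING
# line per ID, and returns 1 if any ID is absent.
check_cves() {
    changelog=$(cat)
    rc=0
    for cve in "$@"; do
        # -F: literal string; -w: whole word, so CVE-2012-1667 does not
        # match inside a longer ID such as CVE-2012-16670.
        if printf '%s\n' "$changelog" | grep -qwF -- "$cve"; then
            printf 'FIXED   %s\n' "$cve"
        else
            printf 'MISSING %s\n' "$cve"
            rc=1
        fi
    done
    return "$rc"
}

# evidence_for PKG ID... : hypothetical wrapper for a real RPM host; prints the
# installed package version, then the per-CVE result from its changelog.
evidence_for() {
    pkg=$1; shift
    rpm -q "$pkg" || return 2
    rpm -q --changelog "$pkg" | check_cves "$@"
}

# Demo on the constructed sample; on a server: evidence_for bind CVE-2012-1667
printf '%s\n' "$SAMPLE_CHANGELOG" | check_cves CVE-2012-1667
```

The non-zero exit status on a missing ID lets the check run unattended before each scan window.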
     