× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

Bind9 Exploits CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444

kginter
Aspirant

Bind9 Exploits CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444

Hello everybody,

I curently use my ReadyNAS as a DNS server using Bind9 version 9.9.5-9+deb8u7-Debian. I recently came across CVE-2016-9131, CVE-2016-9147, as well as CVE-2016-9444, and realized that I am vulnerable to these exploits. ReadyNAS OS 6 Version 6.6.1 was recently released, but the release notes do not mention these as part of the update. I am wondering when Netgear will release an update in order to patch these vulnerabilities. According to kb.isc.org, this is patched in Bind9 9.9.5-P5, Bind9 9.10.4-P5, or Bind9 9.11.0-P2. Any information that anybody has is appreciated.

 

Thanks.

Model: ReadyNASRNDP6620v2|ReadyNAS Pro 6
Message 1 of 3

Accepted Solutions
StephenB
Guru

Re: Bind9 Exploits CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444

Stock OS 6.6.1 doesn't include Bind9 at all.  You must have manually installed it.  

 

Did you try the obvious apt-get update bind9 ?

View solution in original post

Message 2 of 3

All Replies
StephenB
Guru

Re: Bind9 Exploits CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444

Stock OS 6.6.1 doesn't include Bind9 at all.  You must have manually installed it.  

 

Did you try the obvious apt-get update bind9 ?

Message 2 of 3
kginter
Aspirant

Re: Bind9 Exploits CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444

Hello Stephen, thanks for your reply. 

 

I overlooked the issue and initially thought that the systems came with Bind9. After reading your response, I first ran the "apt-get update bind9" command which responded with "E: The update command takes no arguments," so I then ran "apt-get install bind9" which was able to install the most recent patched version (1:9.9.5.dfsg-9+deb8u9). Thanks for the suggestion which lead me to completing the patch.

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 1422 views
  • 0 kudos
  • 2 in conversation
Announcements