Title

The SA has not subscribed to ISC's mailing list "bind announce" for updates on vulnerabilities and software notifications. (Cat III impact)

Discussion

Whether running the latest version or software or an earlier version, the administrator should be aware of the vulnerabilities, exploits, security fixes, and patches for the version that is in operation in the enterprise.

Check Content

If the site is using BIND, interview the SA to determine if they have subscribed to ISC’s mailing list called “bind-announce” (information on the Internet at ttp://www.isc.org/sw/bind/bind-lists.php) for vulnerabilities and software notifications.Note: This check only applies to Windows and Unix systems running BIND. It should be marked Not Applicable for those not running BIND. If the site is using BIND, interview the SA to determine if they have subscribed to ISC’s mailing list called “bind-announce” (information on the Internet at http://www.isc.org/sw/bind/bind-lists.php) for vulnerabilities and software notifications.

Fix Text

If BIND is utilized, the SA will subscribe to ISC’s mailing list called “bind-announce” (information on the Internet at http://www.isc.org/sw/bind/bind-lists.php) for vulnerabilities and software notifications.

Additional Identifiers

Rule ID: SV-13620r1_rule

Vulnerability ID: V-13052

Group Title: SA has not subscribed to vendor mailing list.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.