Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

FreeBSD Security Advisory (FreeBSD-SA-06:20.bind.asc)

Information

Severity

Severity

Medium

Family

Family

FreeBSD Local Security Checks

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

15 years ago

Modified

Modified

6 years ago

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:20.bind.asc

Insight

Insight

BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet domain name server. DNS Security Extensions (DNSSEC) are additional protocol options that add authentication and integrity to the DNS protocols. For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named(8) daemon. Also for a a recursive DNS server, an assertion failure can occur when processing a query whose reply will contain more than one SIG(covered) RRset. For an authoritative DNS server serving a RFC 2535 DNSSEC zone which is queried for the SIG records where there are multiple SIG(covered) RRsets (e.g. a zone apex), named(8) will trigger an assertion failure when it tries to construct the response.

Solution

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:20.bind.asc

Common Vulnerabilities and Exposures (CVE)