Debian Security Advisory DSA 1434-1 (mydns) Network Vulnerability

Summary

The remote host is missing an update to mydns announced via advisory DSA 1434-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201434-1

Insight

It was discovered that in MyDNS, a domain name server with database backend, the daemon could be crashed through malicious remote update requests, which may lead to denial of service. For the stable distribution (etch), this problem has been fixed in version 1:1.1.0-7etch1. The old stable distribution (sarge) is not affected. For the unstable distribution (sid), this problem has been fixed in version 1.1.0-8. We recommend that you upgrade your mydns packages.

Severity

Classification

CVE CVE-2007-2362
CVSS Base Score: 9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 069-1 (xloadimage)
Debian Security Advisory DSA 1004-1 (vlc)
Debian Security Advisory DSA 033-1 (analog)
Debian Security Advisory DSA 1026-1 (sash)
Debian Security Advisory DSA 028-1 (man-db)

Take action and discover your vulnerabilities