FreeBSD Ports: Bind9 Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades.

Insight

The following package is affected: bind9 CVE-2006-4095 BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. CVE-2006-4096 BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.

Severity

Classification

CVE CVE-2006-4095, CVE-2006-4096
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeBSD Ports: asterisk14
FreeBSD Ports: apache
FreeBSD Ports: automake
FreeBSD Ports: apache
FreeBSD Ports: bugzilla

FreeBSD Ports: bind9

Take action and discover your vulnerabilities