Gentoo Security Advisory GLSA 201209-04 (bind) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201209-04.

Solution

All BIND users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-dns/bind-9.9.1_p3' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-04 http://bugs.gentoo.org/show_bug.cgi?id=402661 http://bugs.gentoo.org/show_bug.cgi?id=419637 http://bugs.gentoo.org/show_bug.cgi?id=427966 http://bugs.gentoo.org/show_bug.cgi?id=434876

Insight

Multiple vulnerabilities have been found in BIND, the worst of which may allow remote Denial of Service.

Severity

Classification

CVE CVE-2012-1033, CVE-2012-1667, CVE-2012-3817, CVE-2012-3868, CVE-2012-4244
CVSS Base Score: 8.5
AV:N/AC:L/Au:N/C:P/I:N/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200311-03 (HylaFAX)
Gentoo Security Advisory GLSA 200402-06 (Kernel)
Gentoo Security Advisory GLSA 200409-10 (multi-gnome-terminal)
Gentoo Security Advisory GLSA 200407-17 (net-dialup/l2tpd)
Gentoo Security Advisory GLSA 200403-09 (mc)

Take action and discover your vulnerabilities