Mandriva Update For Bind MDVSA-2012:162 (bind) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was discovered and corrected in bind: A certain combination of records in the RBT could cause named to hang while populating the additional section of a response. [RT #31090] (CVE-2012-5166). The updated packages have been upgraded to bind 9.7.6-P4 and 9.8.3-P4 which is not vulnerable to this issue.

Affected

bind on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-5166
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils)
Mandrake Security Advisory MDVSA-2009:173 (pidgin)
Mandrake Security Advisory MDVSA-2009:150 (libtiff)
Mandrake Security Advisory MDVSA-2009:106 (libwmf)
Mandrake Security Advisory MDVSA-2009:024 (php4)

Mandriva Update for bind MDVSA-2012:162 (bind)

Take action and discover your vulnerabilities