This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200801-16
(MaraDNS: CNAME Denial of Service)
Michael Krieger reported that a specially crafted DNS could prevent an
authoritative canonical name (CNAME) record from being resolved because
of an 'improper rotation of resource records'.
A remote attacker could send specially crafted DNS packets to a
vulnerable server, making it unable to resolve CNAME records.
Add 'max_ar_chain = 2' to the 'marac' configuration file.
See also :
All MaraDNS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-dns/maradns-1.2.12.09'
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Gentoo Local Security Checks
Nessus Plugin ID: 30128 (gentoo_GLSA-200801-16.nasl)
CVE ID: CVE-2008-0061
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.