This script is Copyright (C) 2009-2017 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated bind packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the
Red Hat Security Response Team.
[Updated 29th July 2009] The packages in this erratum have been
updated to also correct this issue in the bind-sdb package.
The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server
(named); a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server is
A flaw was found in the way BIND handles dynamic update message
packets containing the 'ANY' record type. A remote attacker could use
this flaw to send a specially crafted dynamic update packet that could
cause named to exit with an assertion failure. (CVE-2009-0696)
Note: even if named is not configured for dynamic updates, receiving
such a specially crafted dynamic update packet could still cause named
to exit unexpectedly.
All BIND users are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
update, the BIND daemon (named) will be restarted automatically.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true