Debian DSA-2347-1 : bind9 - improper assert

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote Debian host is missing a security-related update.

Description :

It was discovered that BIND, a DNS server, crashes while processing
certain sequences of recursive DNS queries, leading to a denial of
service. Authoritative-only server configurations are not affected by
this issue.

See also :

http://www.debian.org/security/2011/dsa-2347

Solution :

Upgrade the bind9 packages.

For the oldstable distribution (lenny), this problem has been fixed in
version 1:9.6.ESV.R4+dfsg-0+lenny4.

For the stable distribution (squeeze), this problem has been fixed in
version 1:9.7.3.dfsg-1~squeeze4.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Debian Local Security Checks

Nessus Plugin ID: 56856 ()

Bugtraq ID:

CVE ID: CVE-2011-4313