FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Internet Systems Consortium reports :

Organizations across the Internet reported crashes interrupting
service on BIND 9 nameservers performing recursive queries. Affected
servers crashed after logging an error in query.c with the following
message: 'INSIST(! dns_rdataset_isassociated(sigrdataset))'. Multiple
versions were reported being affected, including all currently
supported release versions of ISC BIND 9.

Because it may be possible to trigger this bug even on networks that
do not allow untrusted users to access the recursive name servers
(perhaps via specially crafted e-mail messages, and/or malicious web
sites) it is recommended that ALL operators of recursive name servers
upgrade immediately.

See also :

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313
https://www.isc.org/software/bind/advisories/cve-2011-4313
http://www.nessus.org/u?e7043cd6

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 56857

Bugtraq ID: 50690

CVE ID: CVE-2011-4313