Detections
Analytics

Fedora 19 : maradns-2.0.09-1.fc19 (2014-2439)

high Nessus Plugin ID 73310

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

There has been a long-standing bug in Deadwood (ever since 2007) where bounds checking for strings was not correctly done under some circumstances.

Because of this, it has been possible to send Deadwood a 'packet of death' which will crash Deadwood. Since the attack causes out-of-bounds memory to be read, but not written to, the impact of the bug is denial of service. It appears this attack can only be exploited by an IP with permission to perform recursive queries against Deadwood.

Note that this bug only affects users of the Deadwood recursive resolver.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected maradns package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1064750

http://www.nessus.org/u?a39c8dd1

Plugin Details

Severity: High

ID: 73310

File Name: fedora_2014-2439.nasl

Version: 1.4

Type: local

Agent: unix

Published: 4/3/2014

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:maradns, cpe:/o:fedoraproject:fedora:19

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2/14/2014

Reference Information

FEDORA: 2014-2439