This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
A DNSSEC-related validator function in BIND 9.3.0 contains an
inappropriate internal consistency test. When this test is triggered,
named(8) will exit.
On systems with DNSSEC enabled, a remote attacker may be able to
inject a specially crafted packet that will cause the internal
consistency test to trigger, and named(8) to terminate. As a result,
the name server will no longer be available to service requests.
DNSSEC is not enabled by default, and the 'dnssec-enable' directive is
not normally present. If DNSSEC has been enabled, disable it by
changing the 'dnssec-enable' directive to 'dnssec-enable no;' in the
named.conf(5) configuration file.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.3