FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

The Internet Systems Consortium reports :

Organizations across the Internet reported crashes interrupting
service on BIND 9 nameservers performing recursive queries. Affected
servers crashed after logging an error in query.c with the following
message: 'INSIST(! dns_rdataset_isassociated(sigrdataset))' Multiple
versions were reported being affected, including all currently
supported release versions of ISC BIND 9.

Because it may be possible to trigger this bug even on networks that
do not allow untrusted users to access the recursive name servers
(perhaps via specially crafted e-mail messages, and/or malicious web
sites) it is recommended that ALL operators of recursive name servers
upgrade immediately.

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 56857 ()

Bugtraq ID: 50690

CVE ID: CVE-2011-4313

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now