SuSE 10 Security Update : bind (ZYPP Patch Number 7551)

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This update provides bind 9.6ESVR4P1 which fixes a denial of service
vulnerability that can be triggered by very large RRSIG RRsets in a
negative response and crash named. (CVE-2011-1910)

It further provides a fix for a defect which may cause queries for
.com names to fail with validation errors when DNSSEC records for the
.com zone are initially inserted into the root zone.

Please refer to https://www.isc.org/software/bind/new-features/9.6 for
more information on additional improvements and bug fixes.

See also :

http://support.novell.com/security/cve/CVE-2011-1910.html

Solution :

Apply ZYPP patch number 7551.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 57160 ()

Bugtraq ID:

CVE ID: CVE-2011-1910

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now