FreeBSD : dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory (1ecc0d3f-ae8e-11e1-965b-0024e88a8c98)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

ISC reports :

Processing of DNS resource records where the rdata field is zero
length may cause various issues for the servers handling them.

Processing of these records may lead to unexpected outcomes. Recursive
servers may crash or disclose some portion of memory to the client.
Secondary servers may crash on restart after transferring a zone
containing these records. Master servers may corrupt zone data if the
zone option 'auto-dnssec' is set to 'maintain'. Other unexpected
problems that are not listed here may also be encountered.

Impact: This issue primarily affects recursive nameservers.
Authoritative nameservers will only be impacted if an administrator
configures experimental record types with no data. If the server is
configured this way, then secondaries can crash on restart after
transferring that zone. Zone data on the master can become corrupted
if the zone with those records has named configured to manage the
DNSSEC key rotation.

See also :

http://www.isc.org/software/bind/advisories/cve-2012-1667
http://www.nessus.org/u?8efe14f7

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 59361 ()

Bugtraq ID:

CVE ID: CVE-2012-1667

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now