This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A vulnerability exists with the bind nameserver dealing with
compressed zone transfers. This vulnerability can be exploited by
authorized zone transfers and used in a DoS attack. The named daemon
will crash if it receives this type of zone transfer from an
authorized source address. The crash is not necessarily immediate, but
can range from a few seconds to a few minutes from the time of the
This new version of bind also fixes a bug in the handling of the
compression pointer tables which can result in the nameserver entering
an infinite loop. This bug has been known to occur in the standard
processing of SRV records used with Windows 2000 Active Directory.
All Linux-Mandrake users are encouraged to upgrade bind immediately.
Update the affected bind, bind-devel and / or bind-utils packages.
Risk factor :
Medium / CVSS Base Score : 5.0