FreeBSD : p5-Net-DNS -- multiple Vulnerabilities (d2b8a963-3d59-11dc-b3d3-0016179b2dd5)
Medium Nessus Plugin ID 25807
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionA Secunia Advisory reports :
An error exists in the handling of DNS queries where IDs are incremented with a fixed value and are additionally used for child processes in a forking server. This can be exploited to poison the DNS cache of an application using the module if a valid ID is guessed.
An error in the PP implementation within the 'dn_expand()' function can be exploited to cause a stack overflow due to an endless loop via a specially crafted DNS packet.
SolutionUpdate the affected package.