Mandriva Linux Security Advisory : bind (MDVSA-2008:139)
Medium Nessus Plugin ID 36526
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA weakness was found in the DNS protocol by Dan Kaminsky. A remote attacker could exploit this weakness to spoof DNS entries and poison DNS caches. This could be used to misdirect users and services; i.e.
for web and email traffic (CVE-2008-1447).
This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.
SolutionUpdate the affected packages.