GLSA-201006-11 : BIND: Multiple vulnerabilities
High Nessus Plugin ID 46778
Synopsis
The remote Gentoo host is missing one or more security-related patches.
Description
The remote host is affected by the vulnerability described in GLSA-201006-11 (BIND: Multiple vulnerabilities)
Multiple cache poisoning vulnerabilities were discovered in BIND. For further information please consult the CVE entries and the ISC Security Bulletin referenced below.
Note: CVE-2010-0290 and CVE-2010-0382 exist because of an incomplete fix and a regression for CVE-2009-4022.
Impact :
An attacker could exploit this weakness to poison the cache of a recursive resolver and thus spoof DNS traffic, which could e.g. lead to the redirection of web or mail traffic to malicious sites.
Workaround :
There is no known workaround at this time.
Solution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-dns/bind-9.4.3_p5'