FreeBSD : nsd -- Denial of Service (17f369dc-d7e7-11e1-90a2-000c299b62e1)
Medium Nessus Plugin ID 60150
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionTom Hendrikx reports :
It is possible to crash (SIGSEGV) a NSD child server process by sending it a DNS packet from any host on the internet and the per zone stats build option is enabled. A crashed child process will automatically be restarted by the parent process, but an attacker may keep the NSD server occupied restarting child processes by sending it a stream of such packets effectively preventing the NSD server to serve.
SolutionUpdate the affected package.