Scientific Linux Security Update : bind on SL5.x, SL4.x, SL3.x i386/x86_64
Medium Nessus Plugin ID 60231
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA flaw was found in the way BIND generates outbound DNS query ids. If an attacker is able to acquire a finite set of query IDs, it becomes possible to accurately predict future query IDs. Future query ID prediction may allow an attacker to conduct a DNS cache poisoning attack, which can result in the DNS server returning incorrect client query data. (CVE-2007-2926)
SolutionUpdate the affected packages.