FreeBSD : FreeBSD -- BIND remote denial of service (13031d98-9bd1-11e2-a7be-8c705af55518)

High Nessus Plugin ID 65840

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.

Solution

Update the affected packages.

See Also

https://kb.isc.org/docs/aa-00871

http://www.nessus.org/u?df1671e7

Plugin Details

Severity: High

ID: 65840

File Name: freebsd_pkg_13031d989bd111e2a7be8c705af55518.nasl

Version: 1.10

Type: local

Published: 2013/04/08

Updated: 2018/12/19

Dependencies: 12634

Configuration: Enable paranoid mode

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/04/02

Vulnerability Publication Date: 2013/04/02

Reference Information

CVE: CVE-2013-2266

BID: 58736

FreeBSD: SA-13:04.bind