FreeBSD : dns/bind9* -- A recursive resolver can be crashed by a query for a malformed zone (72f35727-ce83-11e2-be04-005056a37f68)
High Nessus Plugin ID 66837
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionISC reports :
A bug has been discovered in the most recent releases of BIND 9 which has the potential for deliberate exploitation as a denial-of-service attack. By sending a recursive resolver a query for a record in a specially malformed zone, an attacker can cause BIND 9 to exit with a fatal 'RUNTIME_CHECK' error in resolver.c.
SolutionUpdate the affected packages.