FreeBSD : bind -- denial of service vulnerability (58033a95-bba8-11e4-88ae-d050992ecde8)

medium Nessus Plugin ID 81462

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

ISC reports :

When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors.

Solution

Update the affected packages.

See Also

https://kb.isc.org/docs/aa-01235

http://www.nessus.org/u?673ad77c

Plugin Details

Severity: Medium

ID: 81462

File Name: freebsd_pkg_58033a95bba811e488aed050992ecde8.nasl

Version: 1.10

Type: local

Published: 2/24/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bind910, p-cpe:/a:freebsd:freebsd:bind910-base, p-cpe:/a:freebsd:freebsd:bind99, p-cpe:/a:freebsd:freebsd:bind99-base, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 2/23/2015

Vulnerability Publication Date: 2/18/2015

Reference Information

CVE: CVE-2015-1349

BID: 72673

FreeBSD: SA-15:05.bind