Summary
The remote host is missing an update to bind9
announced via advisory DSA 1342-2.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201342-2
Insight
This update provides fixed packages for the oldstable distribution (sarge).
For reference the original advisory text:
Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks.
For the oldstable distribution (sarge) this problem has been fixed in version 9.2.4-1sarge3. An update for mips, powerpc and hppa is not yet available, they will be released soon.
For the stable distribution (etch) this problem has been fixed in version 9.3.4-2etch1. An update for mips is not yet available, it will be released soon.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your BIND packages.
Severity
Classification
-
CVE CVE-2007-2926 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities