Summary
The remote host is missing an update to ldns
announced via advisory DSA 2353-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202353-1
Insight
David Wheeler discovered a buffer overflow in ldns's code to parse RR records, which could lead to the execution of arbitrary code.
For the oldstable distribution (lenny), this problem has been fixed in version 1.4.0-1+lenny2.
For the stable distribution (squeeze), this problem has been fixed in version 1.6.6-2+squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 1.6.11-1.
We recommend that you upgrade your ldns packages.
Severity
Classification
-
CVE CVE-2011-3581 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities