FreeBSD Ports: Bind Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html?lang=en http://www.isc.org/sw/bind/bind-security.php http://www.vuxml.org/freebsd/947f4b14-1c89-11da-bc01-000e0c2e438a.html

Insight

The following package is affected: bind CVE-2005-0033 Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses.

Severity

Classification

CVE CVE-2005-0033

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeBSD Ports: clamav
FreeBSD Ports: apache
FreeBSD Ports: bind9
django -- multiple vulnerabilities
FreeBSD Ports: cgiwrap

Take action and discover your vulnerabilities