Gentoo Security Advisory GLSA 201206-01 (bind) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201206-01.

Solution

All bind users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-dns/bind-9.7.4_p1' NOTE: This is a legacy GLSA. Updates for all affected architectures are available since December 22, 2011. It is likely that your system is already no longer affected by this issue. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-01 http://bugs.gentoo.org/show_bug.cgi?id=347621 http://bugs.gentoo.org/show_bug.cgi?id=356223 http://bugs.gentoo.org/show_bug.cgi?id=368863 http://bugs.gentoo.org/show_bug.cgi?id=374201 http://bugs.gentoo.org/show_bug.cgi?id=374623 http://bugs.gentoo.org/show_bug.cgi?id=390753

Insight

Multiple vulnerabilities have been found in BIND, the worst of which allowing to cause remote Denial of Service.

Severity

Classification

CVE CVE-2010-3613, CVE-2010-3614, CVE-2010-3615, CVE-2010-3762, CVE-2011-0414, CVE-2011-1910, CVE-2011-2464, CVE-2011-2465, CVE-2011-4313

CVSS	Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities