Gentoo Security Advisory GLSA 201209-04 (bind) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201209-04.

Solution

All BIND users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-dns/bind-9.9.1_p3' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-04 http://bugs.gentoo.org/show_bug.cgi?id=402661 http://bugs.gentoo.org/show_bug.cgi?id=419637 http://bugs.gentoo.org/show_bug.cgi?id=427966 http://bugs.gentoo.org/show_bug.cgi?id=434876

Insight

Multiple vulnerabilities have been found in BIND, the worst of which may allow remote Denial of Service.

Severity

Classification

CVE CVE-2012-1033, CVE-2012-1667, CVE-2012-3817, CVE-2012-3868, CVE-2012-4244

CVSS	Base Score: 8.5 AV:N/AC:L/Au:N/C:P/I:N/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200407-22 (dev-db/phpmyadmin)
Gentoo Security Advisory GLSA 200406-17 (IPsec-Tools)
Gentoo Security Advisory GLSA 200407-21 (Samba)
Gentoo Security Advisory GLSA 200409-15 (Usermin)
Gentoo Security Advisory GLSA 200406-16 (Apache)

Take action and discover your vulnerabilities