Mandriva Update For Bind MDVSA-2012:119 (bind) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was discovered and corrected in bind: High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a bad cache data structure before it has been initialized (CVE-2012-3817). The updated packages have been upgraded to bind 9.7.6-P2 and 9.8.3-P2 which is not vulnerable to this issue.

Affected

bind on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-3817

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:093 (mpg123)
Mandrake Security Advisory MDVSA-2009:014 (mplayer)
Mandrake Security Advisory MDVSA-2009:132 (libsndfile)
Mandrake Security Advisory MDVSA-2009:044 (firefox)
Mandrake Security Advisory MDVSA-2009:022 (php)

Mandriva Update for bind MDVSA-2012:119 (bind)

Take action and discover your vulnerabilities