Mandriva Update For Bind MDVSA-2012:162 (bind) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was discovered and corrected in bind: A certain combination of records in the RBT could cause named to hang while populating the additional section of a response. [RT #31090] (CVE-2012-5166). The updated packages have been upgraded to bind 9.7.6-P4 and 9.8.3-P4 which is not vulnerable to this issue.

Affected

bind on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-5166

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:149 (apache)
Mandrake Security Advisory MDVSA-2009:075 (firefox)
Mandrake Security Advisory MDVSA-2009:065 (php4)
Mandrake Security Advisory MDVSA-2009:052 (php-smarty)
Mandrake Security Advisory MDVSA-2009:021 (php)

Mandriva Update for bind MDVSA-2012:162 (bind)

Take action and discover your vulnerabilities