SuSE Security Advisory SUSE-SA:2009:040 (bind) Network Vulnerability

Summary

The remote host is missing updates announced in advisory SUSE-SA:2009:040.

Solution

Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:040

Insight

Specially crafted zone update packets could trigger an exception in bind causing it to exit. The attack works if BIND is master for a zone even if zone updates are not configured (CVE-2009-0696).

Severity

Classification

CVE CVE-2009-0696

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

SLES10: Security update for pam_krb5
SLES10: Security update for knetworkmanager
SLES10: Security update for ethereal
SLES10: Security update for bind
SLES10: Security update for IBM Java 1.4.2

Take action and discover your vulnerabilities