Test ID:	1.3.6.1.4.1.25623.1.0.57327
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Security Advisory (FreeBSD-SA-06:20.bind.asc)
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-06:20.bind.asc
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:20.bind.asc Vulnerability Insight: BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet domain name server. DNS Security Extensions (DNSSEC) are additional protocol options that add authentication and integrity to the DNS protocols. For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named(8) daemon. Also for a recursive DNS server, an assertion failure can occur when processing a query whose reply will contain more than one SIG(covered) RRset. For an authoritative DNS server serving a RFC 2535 DNSSEC zone which is queried for the SIG records where there are multiple SIG(covered) RRsets (e.g. a zone apex), named(8) will trigger an assertion failure when it tries to construct the response. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4095 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html BugTraq ID: 19859 http://www.securityfocus.com/bid/19859 Bugtraq: 20060908 rPSA-2006-0166-1 bind bind-utils (Google Search) http://www.securityfocus.com/archive/1/445600/100/0/threaded CERT/CC vulnerability note: VU#915404 http://www.kb.cert.org/vuls/id/915404 Debian Security Information: DSA-1172 (Google Search) http://www.us.debian.org/security/2006/dsa-1172 FreeBSD Security Advisory: FreeBSD-SA-06:20.bind http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc http://security.gentoo.org/glsa/glsa-200609-11.xml HPdes Security Advisory: HPSBTU02207 https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144 HPdes Security Advisory: SSRT061213 HPdes Security Advisory: SSRT061239 HPdes Security Advisory: SSRT071304 http://www.mandriva.com/security/advisories?name=MDKSA-2006:163 http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en OpenBSD Security Advisory: [3.9] 20060908 010: SECURITY FIX: September 8, 2006 http://www.openbsd.org/errata.html http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html http://securitytracker.com/id?1016794 http://secunia.com/advisories/21752 http://secunia.com/advisories/21786 http://secunia.com/advisories/21816 http://secunia.com/advisories/21818 http://secunia.com/advisories/21828 http://secunia.com/advisories/21835 http://secunia.com/advisories/21838 http://secunia.com/advisories/21912 http://secunia.com/advisories/21926 http://secunia.com/advisories/22298 http://secunia.com/advisories/24950 http://secunia.com/advisories/25402 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241 SuSE Security Announcement: SUSE-SR:2006:023 (Google Search) http://www.novell.com/linux/security/advisories/2006_23_sr.html SuSE Security Announcement: SUSE-SR:2006:024 (Google Search) http://www.novell.com/linux/security/advisories/2006_24_sr.html http://www.ubuntu.com/usn/usn-343-1 http://www.vupen.com/english/advisories/2006/3473 http://www.vupen.com/english/advisories/2007/1401 http://www.vupen.com/english/advisories/2007/1939 XForce ISS Database: bind-dnssec-rrset-dos(28745) https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.