FreeBSD : FreeBSD -- BIND remote denial of service (13031d98-9bd1-11e2-a7be-8c705af55518)

high Nessus Plugin ID 65840

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.

Solution

Update the affected packages.

See Also

https://kb.isc.org/docs/aa-00871

http://www.nessus.org/u?df1671e7

Plugin Details

Severity: High

ID: 65840

File Name: freebsd_pkg_13031d989bd111e2a7be8c705af55518.nasl

Version: 1.12

Type: local

Published: 4/8/2013

Updated: 1/6/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 4/2/2013

Vulnerability Publication Date: 4/2/2013

Reference Information

CVE: CVE-2013-2266

BID: 58736

FreeBSD: SA-13:04.bind