Category:  Application (Generic)  >  BIND
Vendors:  ISC (Internet Software Consortium)
(Immunix Issues Fix) BIND 8 Negative Cache Poisoning May Cause Denial of Service Conditions
SecurityTracker Alert ID:  1008314
CVE Reference:  CAN-2003-0914
Date:  Nov 27 2003
Impact:  Denial of service via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): 8.4.2 and prior versions
Description:  A vulnerability was reported in BIND 8. A remote user can introduce invalid DNS records to cause denial of service conditions.

It is reported that a remote user can conduct a cache poisoning attack by causing the target server to retain invalid negative responses. A temporary denial of service may occur until the invalid record expires from the cache.

No further details were provided.

Impact:  A remote user can cause denial of service conditions.
Solution:  Immunix has released a fix.

Package names and locations:

Precompiled binary packages for Immunix 7+ are available at:

http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/bind-8.2.3-3.3_imnx_5.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/bind-devel-8.2.3-3.3_imnx_5.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/bind-utils-8.2.3-3.3_imnx_5.i386.rpm

A source package for Immunix 7+ is available at:

http://download.immunix.org/ImmunixOS/7+/Updates/SRPMS/bind-8.2.3-3.3_imnx_5.src.rpm

Immunix OS 7+ md5sums:
8a5874f96e1c76b11c214ab16e1183f4 RPMS/bind-8.2.3-3.3_imnx_5.i386.rpm
83535ea7a69ab222ccf5c8664bfd66b9 RPMS/bind-devel-8.2.3-3.3_imnx_5.i386.rpm
7669fedc653731bf54cc0dd48b258a8f RPMS/bind-utils-8.2.3-3.3_imnx_5.i386.rpm
445c908f0c4daffe0a153bc7e5514a85 SRPMS/bind-8.2.3-3.3_imnx_5.src.rpm

Vendor URL:  isc.org/products/BIND/
Cause:  Input validation error
Underlying OS:  Linux (Immunix)
Underlying OS Comments:  7+
Reported By:  Immunix Security Team <security@immunix.com>
Message History:   This archive entry is a follow-up to the message listed below.
Nov 27 2003 BIND 8 Negative Cache Poisoning May Cause Denial of Service Conditions



 Source Message Contents

Date:  Wed, 26 Nov 2003 15:59:24 -0800
From:  Immunix Security Team <security@immunix.com>
Subject:  [Immunix-announce] Immunix Secured OS 7+ bind update

 


-----------------------------------------------------------------------
	Immunix Secured OS Security Advisory

Packages updated:	bind
Affected products:	Immunix OS 7+
Bugs fixed:		VU#734644 CAN-2003-0914
Date:			Mon Oct 27 2003
Advisory ID:		IMNX-2003-7+-024-01
Author:			Seth Arnold <sarnold@immunix.com>
-----------------------------------------------------------------------

Description:
  A vulnerability has been found in BIND that ".. allows an attacker to
  conduct cache poisoning attacks on vulnerable name servers by
  convincing the servers to retain invalid negative responses."

  Our bind-8.2.3-3.3_imnx_5 packages fix this problem using a patch
  derived from the BIND 8.3.7 release. This vulnerability has been named
  CAN-2003-0914 by the CVE project.

  We'd like to apologize to our US subscribers for the incredibly poor
  timing, to release this notice a day before the Thanksgiving holiday.
  Our options were limited by ISC, the package maintainer.

  References: http://www.kb.cert.org/vuls/id/734644
  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0914

Package names and locations:
  Precompiled binary packages for Immunix 7+ are available at:
  http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/bind-8.2.3-3.3_imnx_5.i386.rpm
  http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/bind-devel-8.2.3-3.3_imnx_5.i386.rpm
  http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/bind-utils-8.2.3-3.3_imnx_5.i386.rpm

  A source package for Immunix 7+ is available at:
  http://download.immunix.org/ImmunixOS/7+/Updates/SRPMS/bind-8.2.3-3.3_imnx_5.src.rpm

Immunix OS 7+ md5sums:
  8a5874f96e1c76b11c214ab16e1183f4  RPMS/bind-8.2.3-3.3_imnx_5.i386.rpm
  83535ea7a69ab222ccf5c8664bfd66b9  RPMS/bind-devel-8.2.3-3.3_imnx_5.i386.rpm
  7669fedc653731bf54cc0dd48b258a8f  RPMS/bind-utils-8.2.3-3.3_imnx_5.i386.rpm
  445c908f0c4daffe0a153bc7e5514a85  SRPMS/bind-8.2.3-3.3_imnx_5.src.rpm


GPG verification:
  Our public keys are available at http://download.immunix.org/GPG_KEY
  Immunix, Inc., has changed policy with GPG keys. We maintain several
  keys now: C53B2B53 for Immunix 7+ package signing, D3BA6C17 for
  Immunix 7.3 package signing, and 1B7456DA for general security issues.


NOTE:
  Ibiblio is graciously mirroring our updates, so if the links above are
  slow, please try:
    ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
  or one of the many mirrors available at:
    http://www.ibiblio.org/pub/Linux/MIRRORS.html

  ImmunixOS 6.2 is no longer officially supported.
  ImmunixOS 7.0 is no longer officially supported.

Contact information:
  To report vulnerabilities, please contact security@immunix.com.
  Immunix attempts to conform to the RFP vulnerability disclosure protocol
  http://www.wiretrip.net/rfp/policy.html.


Copyright 2003, SecurityGlobal.net LLC