<< Previous Next >>
Bind
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0004
Synopsis: ESX Service Console updates for openssl, bind, and
vim
Issue date: 2009-03-31
Updated on: 2009-03-31 (initial release of advisory)
CVE numbers: CVE-2008-5077 CVE-2009-0025 CVE-2008-4101
CVE-2008-3432 CVE-2008-2712 CVE-2007-2953
The following packages were identified as affected by a vulnerability
similar to the OpenSSL one, as they use OpenSSL DSA_verify function and
incorrectly check the return code.
BIND <= 9.4.3
Lasso <= 2.2.1
ZXID <= 0.29
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03070783
Version: 1
HPSBUX02719 SSRT100658 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-10-27
Last Updated: 2011-10-27
- ------------------------------------------------------------------------
1. Summary
ESXi update for ntp and ESX Console OS (COS) updates for COS
kernel, openssl, krb5, gcc, bind, gzip, sudo.
2. Relevant releases
VMware ESX 4.0.0 without patches ESX400-201005401-SG,
ESX400-201005406-SG, ESX400-201005408-SG, ESX400-201005407-SG,
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-11:03.bind Security Advisory
The FreeBSD Project
Topic: Remote packet Denial of Service against named(8) servers
Category: contrib
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 1
HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-08-01
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02783438
Version: 1
HPSBUX02655 SSRT100353 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-04-11
Last Updated: 2011-04-07
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01837667
Version: 2
HPSBTU02453 SSRT091037 rev.2 - HP Tru64 UNIX or HP Tru64 Internet Express Running BIND Server, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-24
Last Updated: 2009-08-24
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835459
Version: 1
HPSBOV02452 SSRT090161 rev.1 - HP TCP/IP Services for OpenVMS BIND Server Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
Debian Security Advisory DSA 2054-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 15th, 2010 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: BIND: Multiple vulnerabilities
Date: June 01, 2010
Bugs: #301548, #308035
ID: 201006-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mandriva Linux Security Advisory MDVSA-2010:253
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : December 14, 2010
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-09:04.bind Security Advisory
The FreeBSD Project
Topic: BIND DNSSEC incorrect checks for malformed signatures
Category: contrib
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01174368
Version: 1
HPSBOV02261 SSRT071449 rev.1 - HP OpenVMS running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-09-19
Last Updated: 2007-09-19
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-08:06.bind Security Advisory
The FreeBSD Project
Topic: DNS cache poisoning
Category: contrib
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: BIND: Weak random number generation
Date: August 18, 2007
Bugs: #186556
ID: 200708-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mandriva Linux Security Advisory MDVSA-2010:021
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : January 20, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02097674
Version: 1
HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-04-21
Last Updated: 2010-04-21
Debian Security Advisory DSA-2054-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
June 04, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: BIND: Denial of Service
Date: August 01, 2009
Bugs: #279508
ID: 200908-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01154600
Version: 1
HPSBTU02256 SSRT071449 rev.1 - HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-29
Last Updated: 2007-08-29
VMware Security Advisory
Advisory ID: VMSA-2011-0004
Synopsis: VMware ESX/ESXi SLPD denial of service vulnerability
and ESX third party updates for Service Console
packages bind, pam, and rpm.
Issue date: 2011-03-07
Updated on: 2011-03-07 (initial release of advisory)
CVE numbers: CVE-2010-3613 CVE-2010-3614 CVE-2010-3762
CVE-2010-3316 CVE-2010-3435 CVE-2010-3853
CVE-2010-2059 CVE-2010-3609
Mandriva Linux Security Advisory MDVSA-2011:104
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : June 1, 2011
Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
In 1997 a practical implementation of a blind remote DNS cache poisoning
attack that relies solely on exploiting the predictability of the ID
field of DNS query packets was described by Arce and Kargieman [3]. This
was followed up by further refinements and advancement of attack
techniques by Vagner Sacramento [4] and Joe Stewart [5] in 2002. Amit
Klein further investigated query Id predictability in BIND version 9[6]
and Windows DNS[7] server implementations in 2007. In 2008 a much
publicized advancement of the DNS cache poisoning technique was
disclosed by Dan Kaminsky [8] in conjunction with the release of
security fixes by several vendors. Microsoft's MS08-037
[http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx]Security
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01523520
Version: 1
HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-08-13
Last Updated: 2008-08-13
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01283837
Version: 1
HPSBUX02289 SSRT071461 rev.1 - HP-UX Running BIND 8, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-11-19
Last Updated: 2007-11-19
Mandriva Linux Security Advisory MDVSA-2009:313-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : December 3, 2009
Affected: 2008.0
_______________________________________________________________________
Problem Description:
Mandriva Linux Security Advisory MDVSA-2011:115
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : July 20, 2011
Affected: 2009.0, 2010.1, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: BIND: Incorrect signature verification
Date: March 09, 2009
Bugs: #254134, #257949
ID: 200903-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mandriva Linux Security Advisory MDVSA-2009:304
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : November 26, 2009
Affected: 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
<<Previous Next>>
|
