Next Page >>
BIND
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 5
HPSBUX02351 SSRT080058 rev.5 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2010-10-12
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 6
HPSBUX02351 SSRT080058 rev.6 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2010-12-15
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 3
HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 4
HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-08-08
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03070783
Version: 3
HPSBUX02719 SSRT100658 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-10-27
Last Updated: 2011-12-15
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03070783
Version: 4
HPSBUX02719 SSRT100658 rev.4 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-10-27
Last Updated: 2012-01-20
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 2
HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-09-10
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 3
HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-11-26
BIND 8 EOL and BIND 8 DNS Cache Poisoning
Note: this is a different attack from BIND 9 DNS cache poisoning.
I discovered a new weakness in BIND 8 DNS server which enables "DNS
Forgery Pharming". An attacker can remotely poison the cache of any
BIND 8 caching DNS server and force users who use this DNS server to
reach fraudulent websites each time they try to access real websites.
BIND 8 is still a very popular DNS server nowadays thus this attack
applies to a big part of Internet users.
Debian Security Advisory DSA-1604-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02263226
Version: 1
HPSBUX02546 SSRT100159 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS), Unauthorized Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-09-15
Last Updated: 2010-09-15
Hash: SHA1
Sir or Madam,
> I found this ISC announcement quite amusing:
> http://www.isc.org/index.pl?/sw/bind/docs/response_transaction_id_issues.php
> It's a text published by ISC as a follow up to the bind9 predictable id saga.
>
> Particularly the following statement is funny, and shows complete lack
> of understanding of the terminology and of the problem space:
>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
ISC BIND 9 Remote Crash with Certain RPZ Configurations
Two defects were discovered in ISC's BIND 9 code. These defects only affect
BIND 9 servers which have recursion enabled and which use a specific
feature of the software known as Response Policy Zones (RPZ) and where the
RPZ zone contains a specific rule/action pattern.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 2
HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-07-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03105548
Version: 3
HPSBUX02729 SSRT100687 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-12-01
Last Updated: 2012-01-20
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
ISC BIND 9 Remote packet Denial of Service against Authoritative and
Recursive Servers
A specially constructed packet will cause BIND 9 ("named") to exit,
affecting DNS service.
CVE: CVE-2011-2464
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03105548
Version: 2
HPSBUX02729 SSRT100687 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-12-01
Last Updated: 2011-12-14
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03105548
Version: 1
HPSBUX02729 SSRT100687 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-12-01
Last Updated: 2011-12-01
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
II ESX Service Console rpm updates
a. update to bind
This update upgrades the service console rpms for bind-utils and
bind-lib to version 9.2.4-22.el3.
Version 9.2.4.-22.el3 addresses the recently discovered
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 1
HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 1
HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 2
HPSBUX02451 SSRT090137 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-11-16
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 4
HPSBUX02451 SSRT090137 rev.4 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2010-12-15
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 3
HPSBUX02451 SSRT090137 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2010-06-04
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-11:06.bind Security Advisory
The FreeBSD Project
Topic: Remote packet Denial of Service against named(8) servers
Category: contrib
--- python ---
CVE-2007-2052 CVE-2007-4965 CVE-2008-1721
CVE-2008-1887 CVE-2008-2315 CVE-2008-3142
CVE-2008-3143 CVE-2008-3144 CVE-2008-4864
CVE-2008-5031
--- bind ---
CVE-2009-0696
--- libxml and libxml2 ---
CVE-2009-2414 CVE-2009-2416
--- curl --
CVE-2009-2417
Debian Security Advisory DSA-1603-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 1
HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-07-16
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-1447
Debian Bug : 490271
In DSA-1603-1, Debian released an update to the BIND 9 domain name
server, which introduced UDP source port randomization to mitigate
the threat of DNS cache poisoning attacks (identified by the Common
Vulnerabilities and Exposures project as CVE-2008-1447). The fix,
while correct, was incompatible with the version of SELinux Reference
Policy shipped with Debian Etch, which did not permit a process
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-10:01.bind Security Advisory
The FreeBSD Project
Topic: BIND named(8) cache poisoning with DNSSEC validation
Category: contrib
Next Page>>
|
