Next Page >>
Berkeley Internet Name Domain
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 4
HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-08-08
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 3
HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 2
HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-09-10
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 3
HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-11-26
BIND 8 EOL and BIND 8 DNS Cache Poisoning
Note: this is a different attack from BIND 9 DNS cache poisoning.
I discovered a new weakness in BIND 8 DNS server which enables "DNS
Forgery Pharming". An attacker can remotely poison the cache of any
BIND 8 caching DNS server and force users who use this DNS server to
reach fraudulent websites each time they try to access real websites.
BIND 8 is still a very popular DNS server nowadays thus this attack
applies to a big part of Internet users.
Debian Security Advisory DSA-1604-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
Hash: SHA1
Sir or Madam,
> I found this ISC announcement quite amusing:
> http://www.isc.org/index.pl?/sw/bind/docs/response_transaction_id_issues.php
> It's a text published by ISC as a follow up to the bind9 predictable id saga.
>
> Particularly the following statement is funny, and shows complete lack
> of understanding of the terminology and of the problem space:
>
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 2
HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-07-19
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
II ESX Service Console rpm updates
a. update to bind
This update upgrades the service console rpms for bind-utils and
bind-lib to version 9.2.4-22.el3.
Version 9.2.4.-22.el3 addresses the recently discovered
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 2
HPSBUX02451 SSRT090137 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-11-16
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 1
HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
g. Updated Service Console package bind
Service Console package bind updated to version 9.3.6-4.P1.el5
The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server
(named); a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server
is operating correctly.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 1
HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835108
Version: 3
HPSBUX02451 SSRT090137 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2010-06-04
Debian Security Advisory DSA-1603-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 1
HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-07-16
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
b. Update bind package for the Service Console fixes a security issue.
A flaw was discovered in the way Berkeley Internet Name Domain
(BIND) checked the return value of the OpenSSL DSA_do_verify
function. On systems using DNSSEC, a malicious zone could present
a malformed DSA certificate and bypass proper certificate
validation, allowing spoofing attacks.
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-1447
Debian Bug : 490271
In DSA-1603-1, Debian released an update to the BIND 9 domain name
server, which introduced UDP source port randomization to mitigate
the threat of DNS cache poisoning attacks (identified by the Common
Vulnerabilities and Exposures project as CVE-2008-1447). The fix,
while correct, was incompatible with the version of SELinux Reference
Policy shipped with Debian Etch, which did not permit a process
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-10:01.bind Security Advisory
The FreeBSD Project
Topic: BIND named(8) cache poisoning with DNSSEC validation
Category: contrib
Debian Security Advisory DSA 2054-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 15th, 2010 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382
NOTE: ESX 3.0.2 is not affected by this issue
b. Updated bind package for the service console fixes a flaw with the
way ISC BIND processed certain DNS query responses.
ISC BIND (Berkeley Internet Name Domain) is an implementation of
the DNS (Domain Name System) protocols. Under some circumstances, a
malicious remote user could launch a Denial-of-Service attack on
ESX Server hosts that had enabled DNSSEC validation.
(CVE-2007-0494)
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01837667
Version: 2
HPSBTU02453 SSRT091037 rev.2 - HP Tru64 UNIX or HP Tru64 Internet Express Running BIND Server, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-24
Last Updated: 2009-08-24
- ------------------------------------------------------------------------
1. Summary
ESXi update for ntp and ESX Console OS (COS) updates for COS
kernel, openssl, krb5, gcc, bind, gzip, sudo.
2. Relevant releases
VMware ESX 4.0.0 without patches ESX400-201005401-SG,
ESX400-201005406-SG, ESX400-201005408-SG, ESX400-201005407-SG,
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835459
Version: 1
HPSBOV02452 SSRT090161 rev.1 - HP TCP/IP Services for OpenVMS BIND Server Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
The following packages were identified as affected by a vulnerability
similar to the OpenSSL one, as they use OpenSSL DSA_verify function and
incorrectly check the return code.
BIND <= 9.4.3
Lasso <= 2.2.1
ZXID <= 0.29
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 1
HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-08-01
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-08:06.bind Security Advisory
The FreeBSD Project
Topic: DNS cache poisoning
Category: contrib
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: BIND: Multiple vulnerabilities
Date: June 01, 2010
Bugs: #301548, #308035
ID: 201006-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Debian Security Advisory DSA-2054-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
June 04, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382
Mandriva Linux Security Advisory MDVSA-2010:021
http://www.mandriva.com/security/
_______________________________________________________________________
Package : bind
Date : January 20, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________
Next Page>>
|
