(HP Issues Fix for Tru64 UNIX) BIND DNSSEC Validation Bug Lets Remote Users Deny Service
|
SecurityTracker Alert ID: 1017920 |
SecurityTracker URL: http://securitytracker.com/id/1017920
|
CVE Reference:
CVE-2007-0494
(Links to External Site)
|
Date: Apr 16 2007
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in BIND. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to cause the target service to crash. A type * (ANY) DNS query that results in a response with multiple RRsets can trigger this flaw in the DNSSEC validation code.
The following versions are affected:
BIND 9.0.x
BIND 9.1.x
BIND 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.2.7
BIND 9.3.0, 9.3.1, 9.3.2, 9.3.3
BIND 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6, 9.4.0b1, 9.4.0b2, 9.4.0b3, 9.4.0b4, 9.4.0rc1
BIND 9.5.0a1 (Bind Forum only)
|
Impact:
A remote user can cause the target name service to crash.
|
Solution:
HP has issued the following fixes.
HP Tru64 UNIX Version 5.1B-4 ERP Kit
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321
Name: T64KIT1001167-V51BB27-ES-20070321
MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315
Name: T64KIT1001163-V51BB26-ES-20070315
MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314
Name: T64KIT1001160-V51AB24-ES-20070314
MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316
Name: T64KIT1001166-V40GB22-ES-20070316
MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316
Name: DUXKIT1001165-V40FB22-ES-20070316
MD5 Checksum: 718148c87a913536b32a47af4c36b04e
Internet Express (IX) v 6.6 BIND
HP indicates that customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
The HP advisory is available at:
http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
|
Vendor URL: www.isc.org/ (Links to External Site)
|
Cause:
State error
|
Underlying OS: UNIX (Tru64)
|
Underlying OS Comments: 4.0F PK8, 4.0G PK4, 5.1A PK6, 5.1B-3, 5.1B-4
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|