drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in bind
| Name: |
Denial of Service in bind |
|
| ID: |
TLSA-2009-22 |
|
| Distribution: |
TurboLinux |
|
| Plattformen: |
Turbolinux Client 2008, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server |
|
| Datum: |
Di, 4. August 2009, 03:50 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2009-22
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 03 Aug 2009
Last revised: 03 Aug 2009
Package: bind
Summary: DoS via dynamic update request
More information:
Bind includes the named name server, which resolves host names to IP
addresses (and vice versa), and a resolver library (a set of routines
in a system library that provide the interface for programs to use when
accessing domain name services).
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before
9.4.3-P3,
9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master
server,
allows remote attackers to cause a denial of service (assertion failure and
daemon exit)
via an ANY record in the prerequisite section of a crafted dynamic update
message,
as exploited in the wild in July 2009. (CVE-2009-0696)
Affected Products:
- Turbolinux Client 2008
- Turbolinux 11 Server x64 Edition
- Turbolinux 11 Server
- Turbolinux Appliance Server 2.0
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server
<Turbolinux Client 2008>
Source Packages
Size: MD5
bind-9.4.2-3.src.rpm
6497783 d0f70016aa056ab37653c70f8842a2d1
Binary Packages
Size: MD5
bind-devel-9.4.2-3.i586.rpm
5078991 ee00606b930f4c9344242371cea00f84
bind-libs-9.4.2-3.i586.rpm
898024 370d7450b131e5314d9b9a7026c8efea
bind-utils-9.4.2-3.i586.rpm
374393 c1cecf4584366900a704e2005eecdb40
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages
Size: MD5
bind-9.4.2-4.src.rpm
6512843 4117301517b325c4445a497e43a66aca
Binary Packages
Size: MD5
bind-9.4.2-4.x86_64.rpm
1653394 c3c180d22856ae28837bb407e61a30cf
bind-chroot-9.4.2-4.x86_64.rpm
14685 51f497c1d811149c24a02dbe6f69af81
bind-libs-9.4.2-4.x86_64.rpm
927379 96b7ad36777985edb299fdfcd033362a
bind-sdb-9.4.2-4.x86_64.rpm
220680 02ad67b0ee702f7578e0fe4cdd7b2704
bind-utils-9.4.2-4.x86_64.rpm
378431 8a0157bbe66c122a3915cc32adee66a1
<Turbolinux Appliance Server 3.0>
Source Packages
Size: MD5
bind-9.4.2-4.src.rpm
6512843 4117301517b325c4445a497e43a66aca
Binary Packages
Size: MD5
bind-9.4.2-4.i686.rpm
1633102 6d3bb2f7b045d4af3c89ec6e40874117
bind-chroot-9.4.2-4.i686.rpm
14717 35e376156122e0225bc628331cde08ca
bind-libs-9.4.2-4.i686.rpm
831651 040a209d2317a89bb87c1fa8638dcec9
bind-sdb-9.4.2-4.i686.rpm
202583 083ac222cac78257cf5424971eb24bfd
bind-utils-9.4.2-4.i686.rpm
352773 e111997149005398c362ee2bbd1e53fc
<Turbolinux 11 Server x64 Edition>
Source Packages
Size: MD5
bind-9.4.2-4.src.rpm
6512843 4117301517b325c4445a497e43a66aca
Binary Packages
Size: MD5
bind-9.4.2-4.x86_64.rpm
1653394 c3c180d22856ae28837bb407e61a30cf
bind-chroot-9.4.2-4.x86_64.rpm
14685 51f497c1d811149c24a02dbe6f69af81
bind-devel-9.4.2-4.x86_64.rpm
3219856 1e728e65f85b01f6147f99a441242860
bind-libs-9.4.2-4.x86_64.rpm
927379 96b7ad36777985edb299fdfcd033362a
bind-sdb-9.4.2-4.x86_64.rpm
220680 02ad67b0ee702f7578e0fe4cdd7b2704
bind-utils-9.4.2-4.x86_64.rpm
378431 8a0157bbe66c122a3915cc32adee66a1
<Turbolinux 11 Server>
Source Packages
Size: MD5
bind-9.4.2-4.src.rpm
6512843 4117301517b325c4445a497e43a66aca
Binary Packages
Size: MD5
bind-9.4.2-4.i686.rpm
1633102 6d3bb2f7b045d4af3c89ec6e40874117
bind-chroot-9.4.2-4.i686.rpm
14717 35e376156122e0225bc628331cde08ca
bind-devel-9.4.2-4.i686.rpm
3129172 33a13924414d2409591672e82a0db6b2
bind-libs-9.4.2-4.i686.rpm
831651 040a209d2317a89bb87c1fa8638dcec9
bind-sdb-9.4.2-4.i686.rpm
202583 083ac222cac78257cf5424971eb24bfd
bind-utils-9.4.2-4.i686.rpm
352773 e111997149005398c362ee2bbd1e53fc
<Turbolinux Appliance Server 2.0>
Source Packages
Size: MD5
bind-9.2.3-20.src.rpm
3570623 0c534fb9598e9a94f19d494ed51d1522
Binary Packages
Size: MD5
bind-9.2.3-20.i586.rpm
371853 34a19f5cf367e470c71bc6ab25be04c7
bind-chroot-9.2.3-20.i586.rpm
10199 90de8c456a70985bd6447c667ad7aa48
bind-libs-9.2.3-20.i586.rpm
415135 a4f4ef8fc1a7609404624bd2fa22e1aa
bind-utils-9.2.3-20.i586.rpm
96942 763f36efe34aad1202eb26781bc61905
<Turbolinux 10 Server x64 Edition>
Source Packages
Size: MD5
bind-9.2.3-20.src.rpm
3570623 0c534fb9598e9a94f19d494ed51d1522
Binary Packages
Size: MD5
bind-9.2.3-20.x86_64.rpm
398317 73e3c8e2df7d5d348141ad5fe003c642
bind-chroot-9.2.3-20.x86_64.rpm
10170 15fcba5a52b227f50e394351e6622532
bind-libs-9.2.3-20.x86_64.rpm
516967 1d221ac75187a94c0ca2e302183f3990
bind-utils-9.2.3-20.x86_64.rpm
108265 c149ecac2d44811a81834fbf1f479bfc
<Turbolinux 10 Server>
Source Packages
Size: MD5
bind-9.2.3-20.src.rpm
3570623 0c534fb9598e9a94f19d494ed51d1522
Binary Packages
Size: MD5
bind-9.2.3-20.i586.rpm
371853 34a19f5cf367e470c71bc6ab25be04c7
bind-chroot-9.2.3-20.i586.rpm
10199 90de8c456a70985bd6447c667ad7aa48
bind-libs-9.2.3-20.i586.rpm
415135 a4f4ef8fc1a7609404624bd2fa22e1aa
bind-utils-9.2.3-20.i586.rpm
96942 763f36efe34aad1202eb26781bc61905
References:
CVE
[CVE-2009-0696]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
--------------------------------------------------------------------------
Revision History
03 Aug 2009 Initial release
--------------------------------------------------------------------------
Copyright(C) 2009 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
iEYEARECAAYFAkp2vJUACgkQK0LzjOqIJMyaAACgqVfkFDVqb0TimnHMNwZbYTR7
i7wAnRUy0yyX5K7oSBalVxTn9AVdVsF/
=1buF
-----END PGP SIGNATURE-----
|
|
|
|
