drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Cache Poisoning in bind
Name: |
Cache Poisoning in bind |
|
ID: |
TLSA-2008-26 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Do, 17. Juli 2008, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 |
|
Applikationen: |
BIND |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2008-26 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 16 Jul 2008 Last revised: 16 Jul 2008
Package: bind
Summary: Cache Poisoning Attacks
More information: Bind includes the named name server, which resolves host names to IP addresses (and vice versa), and a resolver library (a set of routines in a system library that provide the interface for programs to use when accessing domain name services).
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via certain cache poisoning techniques against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability." (CVE-2008-1447)
Affected Products: - Turbolinux Appliance Server 3.0 x64 Edition - Turbolinux Appliance Server 3.0 - Turbolinux 11 Server x64 Edition - Turbolinux 11 Server - Turbolinux Appliance Server 2.0 - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages Size: MD5
bind-9.4.2-1.src.rpm 6495934 430a452d9970a16bdf7fbf8e29c0a1e6
Binary Packages Size: MD5
bind-9.4.2-1.x86_64.rpm 1653717 89f9b0dddba30904592e3d79df9b518c bind-chroot-9.4.2-1.x86_64.rpm 14394 1fe9f41013d263e3352e7e21a5f6a75d bind-libs-9.4.2-1.x86_64.rpm 927420 92b7c21f48308cd2a266adb26ae16eab bind-sdb-9.4.2-1.x86_64.rpm 220177 79205434b4f41a305541cd9f8831b533 bind-utils-9.4.2-1.x86_64.rpm 378227 eb614b4b16b781d33c42e86f0b78e5b1
<Turbolinux Appliance Server 3.0>
Source Packages Size: MD5
bind-9.4.2-1.src.rpm 6495934 430a452d9970a16bdf7fbf8e29c0a1e6
Binary Packages Size: MD5
bind-9.4.2-1.i686.rpm 1632772 185c57458c469042d081d704dbef5063 bind-chroot-9.4.2-1.i686.rpm 14406 5d58a3e069f0dea1b5d1f45ab74e2b05 bind-libs-9.4.2-1.i686.rpm 831268 c21bcc5f8369af3381cf54d27f867aba bind-sdb-9.4.2-1.i686.rpm 202369 14d4941d8548112c450e3df874d824b4 bind-utils-9.4.2-1.i686.rpm 352767 94495db45e2565de436fbb0467da55f3
<Turbolinux 11 Server x64 Edition>
Source Packages Size: MD5
bind-9.4.2-1.src.rpm 6495934 430a452d9970a16bdf7fbf8e29c0a1e6
Binary Packages Size: MD5
bind-9.4.2-1.x86_64.rpm 1653717 89f9b0dddba30904592e3d79df9b518c bind-chroot-9.4.2-1.x86_64.rpm 14394 1fe9f41013d263e3352e7e21a5f6a75d bind-devel-9.4.2-1.x86_64.rpm 3219636 542cba1f4079a81416354f114775f13d bind-libs-9.4.2-1.x86_64.rpm 927420 92b7c21f48308cd2a266adb26ae16eab bind-sdb-9.4.2-1.x86_64.rpm 220177 79205434b4f41a305541cd9f8831b533 bind-utils-9.4.2-1.x86_64.rpm 378227 eb614b4b16b781d33c42e86f0b78e5b1
<Turbolinux 11 Server>
Source Packages Size: MD5
bind-9.4.2-1.src.rpm 6495934 430a452d9970a16bdf7fbf8e29c0a1e6
Binary Packages Size: MD5
bind-9.4.2-1.i686.rpm 1632772 185c57458c469042d081d704dbef5063 bind-chroot-9.4.2-1.i686.rpm 14406 5d58a3e069f0dea1b5d1f45ab74e2b05 bind-devel-9.4.2-1.i686.rpm 3130281 79ec79962d3b3240a4ab683ae0bb2e5a bind-libs-9.4.2-1.i686.rpm 831268 c21bcc5f8369af3381cf54d27f867aba bind-sdb-9.4.2-1.i686.rpm 202369 14d4941d8548112c450e3df874d824b4 bind-utils-9.4.2-1.i686.rpm 352767 94495db45e2565de436fbb0467da55f3
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
bind-9.2.3-16.src.rpm 3546317 b56165a54c96041a0d24ccbe49d70dd2
Binary Packages Size: MD5
bind-9.2.3-16.i586.rpm 371664 3a6f73b7510d6eaeead0b9b228445939 bind-chroot-9.2.3-16.i586.rpm 10075 3760d0dd529229bb9a84943a8c47a018 bind-libs-9.2.3-16.i586.rpm 413931 9c32f9a9394289aaf87b63aaf350682a bind-utils-9.2.3-16.i586.rpm 96775 64ba58391e0f00beb0830641a87709c4
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
bind-9.2.3-16.src.rpm 3546317 3f3725af3c87901425ee881893d3a5b9
Binary Packages Size: MD5
bind-9.2.3-16.x86_64.rpm 398257 0d523b6b85da4044f4f0ab367ef009d6 bind-chroot-9.2.3-16.x86_64.rpm 10000 ffb76ca3292cefef52f37fb8680a7260 bind-libs-9.2.3-16.x86_64.rpm 516688 08ff295d067d6614ad6f0709dd4ec10c bind-utils-9.2.3-16.x86_64.rpm 108138 0d6103b504030de9a43aada1fa52a990
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
bind-9.2.1-9.src.rpm 4991638 1e5b1b827a4f9fa3382b4411b6783707
Binary Packages Size: MD5
bind-9.2.1-9.i586.rpm 2745796 a1845d18921645c30c7967465f282324 bind-devel-9.2.1-9.i586.rpm 724575 f5b6c1bc0278af514eb64d257913722c bind-utils-9.2.1-9.i586.rpm 1703676 f8d9e37ff628eb9648bb279f9b170af3
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
bind-9.2.1-9.src.rpm 4991638 c08456c63905fbda81dc4b9639c7bbd6
Binary Packages Size: MD5
bind-9.2.1-9.i586.rpm 2746325 603419cdda3d8f0aa25965159cb7333d bind-devel-9.2.1-9.i586.rpm 724969 a6d19230bf507ab89953f9230292acb0 bind-utils-9.2.1-9.i586.rpm 1703642 bf02e7c5c43dd52baef78da6594630b7
<Turbolinux 10 Server>
Source Packages Size: MD5
bind-9.2.3-16.src.rpm 3546317 b56165a54c96041a0d24ccbe49d70dd2
Binary Packages Size: MD5
bind-9.2.3-16.i586.rpm 371664 3a6f73b7510d6eaeead0b9b228445939 bind-chroot-9.2.3-16.i586.rpm 10075 3760d0dd529229bb9a84943a8c47a018 bind-libs-9.2.3-16.i586.rpm 413931 9c32f9a9394289aaf87b63aaf350682a bind-utils-9.2.3-16.i586.rpm 96775 64ba58391e0f00beb0830641a87709c4
References:
CVE [CVE-2008-1447] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
-------------------------------------------------------------------------- Revision History 16 Jul 2008 Initial release --------------------------------------------------------------------------
Copyright(C) 2008 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkh9np8ACgkQK0LzjOqIJMzpfACglFVefcUf3TvVaru6yRMb0ubP 6JoAoLP3YoGCkfGyhhxg9dDMisKSEWxr =exk2 -----END PGP SIGNATURE-----
|
|
|
|