drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Zertifikaten in bind
Name: |
Mangelnde Prüfung von Zertifikaten in bind |
|
ID: |
TLSA-2009-4 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux Client 2008, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Fr, 6. Februar 2009, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 |
|
Applikationen: |
BIND |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2009-4 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 05 Feb 2009 Last revised: 05 Feb 2009
Package: bind
Summary: return value check vulnerability
More information: Bind includes the named name server, which resolves host names to IP addresses (and vice versa), and a resolver library (a set of routines in a system library that provide the interface for programs to use when accessing domain name services).
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. (CVE-2009-0025)
Affected Products: - Turbolinux Client 2008 - Turbolinux 11 Server x64 Edition - Turbolinux 11 Server - Turbolinux Appliance Server 2.0 - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server
<Turbolinux Client 2008>
Source Packages Size: MD5
bind-9.4.2-2.src.rpm 6497266 9ee135d4f3fe6a886c7c8d63ef64f058
Binary Packages Size: MD5
bind-devel-9.4.2-2.i586.rpm 5078960 1328e144e4f54e42ed62b393e8e42584 bind-libs-9.4.2-2.i586.rpm 897939 dfc78a541f1cbfbd1ba8b6292c296922 bind-utils-9.4.2-2.i586.rpm 374311 7589d1d02014ce1cc4039e86efa7020d
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages Size: MD5
bind-9.4.2-3.src.rpm 6496712 feca0aa98ce421e0431975a09f6cb6ac
Binary Packages Size: MD5
bind-9.4.2-3.x86_64.rpm 1653189 10c6bd399bbb8d1e1008173d549f2282 bind-chroot-9.4.2-3.x86_64.rpm 14630 e1553c0063cf5755aefd01e219a28cea bind-libs-9.4.2-3.x86_64.rpm 927378 247bde05e7401b3849235f473ee68578 bind-sdb-9.4.2-3.x86_64.rpm 220580 8c0d075d5c4232dbfdcfca09176ad6ef bind-utils-9.4.2-3.x86_64.rpm 378219 3abd70af40345e7634a9c2c0082c828d
<Turbolinux Appliance Server 3.0>
Source Packages Size: MD5
bind-9.4.2-3.src.rpm 6496712 feca0aa98ce421e0431975a09f6cb6ac
Binary Packages Size: MD5
bind-9.4.2-3.i686.rpm 1632673 3a0a68019446de06e41ee20227e307eb bind-chroot-9.4.2-3.i686.rpm 14635 83067b11c01007eeb432255db530b7be bind-libs-9.4.2-3.i686.rpm 831677 16643b866211cdbfacb8e4271ca17cb5 bind-sdb-9.4.2-3.i686.rpm 202680 2de36e52d4510690d5be052f1596d6d8 bind-utils-9.4.2-3.i686.rpm 352713 9c63eeb300f221ba89e4d9afe9f7f1ce
<Turbolinux 11 Server x64 Edition>
Source Packages Size: MD5
bind-9.4.2-3.src.rpm 6496712 e402d2d23390f1877ea8b5861f726149
Binary Packages Size: MD5
bind-9.4.2-3.x86_64.rpm 1653189 10c6bd399bbb8d1e1008173d549f2282 bind-chroot-9.4.2-3.x86_64.rpm 14630 e1553c0063cf5755aefd01e219a28cea bind-devel-9.4.2-3.x86_64.rpm 3220918 5dec3ba032ae8867e81ab57b7dbbc046 bind-libs-9.4.2-3.x86_64.rpm 927378 247bde05e7401b3849235f473ee68578 bind-sdb-9.4.2-3.x86_64.rpm 220580 8c0d075d5c4232dbfdcfca09176ad6ef bind-utils-9.4.2-3.x86_64.rpm 378219 3abd70af40345e7634a9c2c0082c828d
<Turbolinux 11 Server>
Source Packages Size: MD5
bind-9.4.2-3.src.rpm 6496712 feca0aa98ce421e0431975a09f6cb6ac
Binary Packages Size: MD5
bind-9.4.2-3.i686.rpm 1632673 3a0a68019446de06e41ee20227e307eb bind-chroot-9.4.2-3.i686.rpm 14635 83067b11c01007eeb432255db530b7be bind-devel-9.4.2-3.i686.rpm 3128261 19df809198ea42fec48ebae884c8b921 bind-libs-9.4.2-3.i686.rpm 831677 16643b866211cdbfacb8e4271ca17cb5 bind-sdb-9.4.2-3.i686.rpm 202680 2de36e52d4510690d5be052f1596d6d8 bind-utils-9.4.2-3.i686.rpm 352713 9c63eeb300f221ba89e4d9afe9f7f1ce
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
bind-9.2.3-19.src.rpm 3546844 a23b0ee9c9dfdb45a38d143fb2696143
Binary Packages Size: MD5
bind-9.2.3-19.i586.rpm 371662 b790e1a685aa343c61f54d5c222ab92a bind-chroot-9.2.3-19.i586.rpm 10161 ca8d41ce12ed8dd11abd9f101fb6fbe9 bind-libs-9.2.3-19.i586.rpm 415019 5d26f572fe7ed283477b8d91dac98818 bind-utils-9.2.3-19.i586.rpm 96803 4582f84454b9da4aa65cc22edf1b6f05
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
bind-9.2.3-19.src.rpm 3546844 1c254984c614329c1b0957261cbb2b17
Binary Packages Size: MD5
bind-9.2.3-19.x86_64.rpm 398340 a604ad8b43c0cc19b3f5908943e00b3f bind-chroot-9.2.3-19.x86_64.rpm 10086 96edeb6fd197dc7b9069ecdecf2fcc73 bind-libs-9.2.3-19.x86_64.rpm 517304 f92bcc586acec2c96d65fd94c44eed54 bind-utils-9.2.3-19.x86_64.rpm 108249 565d1e03865f5407bb75ca19ebe52d92
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
bind-9.2.1-11.src.rpm 4992160 59860e527c9038953c18d4c262852ec3
Binary Packages Size: MD5
bind-9.2.1-11.i586.rpm 2745815 5443e7f977b54ddc4f7d873856c7ec8c bind-devel-9.2.1-11.i586.rpm 724932 ee8d094240adc1eea8f51886d6b907a6 bind-utils-9.2.1-11.i586.rpm 1703753 0228e325c27c439050637dcd040624ac
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
bind-9.2.1-11.src.rpm 4992160 6ece36535cb55637cd7931a771955115
Binary Packages Size: MD5
bind-9.2.1-11.i586.rpm 2746121 f0d4cf790646306f062e4b5c0da90ae6 bind-devel-9.2.1-11.i586.rpm 725173 441c79655668432b8bd0dc2504d676c4 bind-utils-9.2.1-11.i586.rpm 1703797 18fd67e5cc6ff12c634332ed095f3612
<Turbolinux 10 Server>
Source Packages Size: MD5
bind-9.2.3-19.src.rpm 3546844 a23b0ee9c9dfdb45a38d143fb2696143
Binary Packages Size: MD5
bind-9.2.3-19.i586.rpm 371662 b790e1a685aa343c61f54d5c222ab92a bind-chroot-9.2.3-19.i586.rpm 10161 ca8d41ce12ed8dd11abd9f101fb6fbe9 bind-libs-9.2.3-19.i586.rpm 415019 5d26f572fe7ed283477b8d91dac98818 bind-utils-9.2.3-19.i586.rpm 96803 4582f84454b9da4aa65cc22edf1b6f05
References:
CVE [CVE-2009-0025] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
-------------------------------------------------------------------------- Revision History 05 Feb 2009 Initial release --------------------------------------------------------------------------
Copyright(C) 2009 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (GNU/Linux)
iEYEARECAAYFAkmKlGsACgkQK0LzjOqIJMyEpACeNJmsvgSZnBFL15ihFJBT4QBw rHkAn2OmZKjPG4tKqGVK79DEE+BO8wcl =kwth -----END PGP SIGNATURE-----
|
|
|
|