Login
Newsletter
Werbung
Sicherheit: Cache Poisoning in bind
Aktuelle Meldungen Distributionen
Name: Cache Poisoning in bind
ID: TLSA-2008-26
Distribution: TurboLinux
Plattformen: Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition
Datum: Do, 17. Juli 2008, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
Applikationen: BIND

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2008-26
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 16 Jul 2008
 Last revised: 16 Jul 2008

 Package: bind

 Summary: Cache Poisoning Attacks

 More information:
    Bind includes the named name server, which resolves host names to IP
    addresses (and vice versa), and a resolver library (a set of routines
    in a system library that provide the interface for programs to use when
    accessing domain name services). 

    The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1,
 9.4.2-P1,
    and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and
    Server 2003 SP1 and SP2; and other implementations allow remote attackers
    to spoof DNS traffic via certain cache poisoning techniques against
 recursive
    resolvers, related to insufficient randomness of DNS transaction IDs and
    source ports, aka "DNS Insufficient Socket Entropy Vulnerability."
 (CVE-2008-1447)

 Affected Products:
    - Turbolinux Appliance Server 3.0 x64 Edition
    - Turbolinux Appliance Server 3.0
    - Turbolinux 11 Server x64 Edition
    - Turbolinux 11 Server
    - Turbolinux Appliance Server 2.0
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server


 <Turbolinux Appliance Server 3.0 x64 Edition>

   Source Packages
   Size: MD5

   bind-9.4.2-1.src.rpm
      6495934 430a452d9970a16bdf7fbf8e29c0a1e6

   Binary Packages
   Size: MD5

   bind-9.4.2-1.x86_64.rpm
      1653717 89f9b0dddba30904592e3d79df9b518c
   bind-chroot-9.4.2-1.x86_64.rpm
        14394 1fe9f41013d263e3352e7e21a5f6a75d
   bind-libs-9.4.2-1.x86_64.rpm
       927420 92b7c21f48308cd2a266adb26ae16eab
   bind-sdb-9.4.2-1.x86_64.rpm
       220177 79205434b4f41a305541cd9f8831b533
   bind-utils-9.4.2-1.x86_64.rpm
       378227 eb614b4b16b781d33c42e86f0b78e5b1

 <Turbolinux Appliance Server 3.0>

   Source Packages
   Size: MD5

   bind-9.4.2-1.src.rpm
      6495934 430a452d9970a16bdf7fbf8e29c0a1e6

   Binary Packages
   Size: MD5

   bind-9.4.2-1.i686.rpm
      1632772 185c57458c469042d081d704dbef5063
   bind-chroot-9.4.2-1.i686.rpm
        14406 5d58a3e069f0dea1b5d1f45ab74e2b05
   bind-libs-9.4.2-1.i686.rpm
       831268 c21bcc5f8369af3381cf54d27f867aba
   bind-sdb-9.4.2-1.i686.rpm
       202369 14d4941d8548112c450e3df874d824b4
   bind-utils-9.4.2-1.i686.rpm
       352767 94495db45e2565de436fbb0467da55f3

 <Turbolinux 11 Server x64 Edition>

   Source Packages
   Size: MD5

   bind-9.4.2-1.src.rpm
      6495934 430a452d9970a16bdf7fbf8e29c0a1e6

   Binary Packages
   Size: MD5

   bind-9.4.2-1.x86_64.rpm
      1653717 89f9b0dddba30904592e3d79df9b518c
   bind-chroot-9.4.2-1.x86_64.rpm
        14394 1fe9f41013d263e3352e7e21a5f6a75d
   bind-devel-9.4.2-1.x86_64.rpm
      3219636 542cba1f4079a81416354f114775f13d
   bind-libs-9.4.2-1.x86_64.rpm
       927420 92b7c21f48308cd2a266adb26ae16eab
   bind-sdb-9.4.2-1.x86_64.rpm
       220177 79205434b4f41a305541cd9f8831b533
   bind-utils-9.4.2-1.x86_64.rpm
       378227 eb614b4b16b781d33c42e86f0b78e5b1

 <Turbolinux 11 Server>

   Source Packages
   Size: MD5

   bind-9.4.2-1.src.rpm
      6495934 430a452d9970a16bdf7fbf8e29c0a1e6

   Binary Packages
   Size: MD5

   bind-9.4.2-1.i686.rpm
      1632772 185c57458c469042d081d704dbef5063
   bind-chroot-9.4.2-1.i686.rpm
        14406 5d58a3e069f0dea1b5d1f45ab74e2b05
   bind-devel-9.4.2-1.i686.rpm
      3130281 79ec79962d3b3240a4ab683ae0bb2e5a
   bind-libs-9.4.2-1.i686.rpm
       831268 c21bcc5f8369af3381cf54d27f867aba
   bind-sdb-9.4.2-1.i686.rpm
       202369 14d4941d8548112c450e3df874d824b4
   bind-utils-9.4.2-1.i686.rpm
       352767 94495db45e2565de436fbb0467da55f3

 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   bind-9.2.3-16.src.rpm
      3546317 b56165a54c96041a0d24ccbe49d70dd2

   Binary Packages
   Size: MD5

   bind-9.2.3-16.i586.rpm
       371664 3a6f73b7510d6eaeead0b9b228445939
   bind-chroot-9.2.3-16.i586.rpm
        10075 3760d0dd529229bb9a84943a8c47a018
   bind-libs-9.2.3-16.i586.rpm
       413931 9c32f9a9394289aaf87b63aaf350682a
   bind-utils-9.2.3-16.i586.rpm
        96775 64ba58391e0f00beb0830641a87709c4

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   bind-9.2.3-16.src.rpm
      3546317 3f3725af3c87901425ee881893d3a5b9

   Binary Packages
   Size: MD5

   bind-9.2.3-16.x86_64.rpm
       398257 0d523b6b85da4044f4f0ab367ef009d6
   bind-chroot-9.2.3-16.x86_64.rpm
        10000 ffb76ca3292cefef52f37fb8680a7260
   bind-libs-9.2.3-16.x86_64.rpm
       516688 08ff295d067d6614ad6f0709dd4ec10c
   bind-utils-9.2.3-16.x86_64.rpm
       108138 0d6103b504030de9a43aada1fa52a990

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   bind-9.2.1-9.src.rpm
      4991638 1e5b1b827a4f9fa3382b4411b6783707

   Binary Packages
   Size: MD5

   bind-9.2.1-9.i586.rpm
      2745796 a1845d18921645c30c7967465f282324
   bind-devel-9.2.1-9.i586.rpm
       724575 f5b6c1bc0278af514eb64d257913722c
   bind-utils-9.2.1-9.i586.rpm
      1703676 f8d9e37ff628eb9648bb279f9b170af3

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   bind-9.2.1-9.src.rpm
      4991638 c08456c63905fbda81dc4b9639c7bbd6

   Binary Packages
   Size: MD5

   bind-9.2.1-9.i586.rpm
      2746325 603419cdda3d8f0aa25965159cb7333d
   bind-devel-9.2.1-9.i586.rpm
       724969 a6d19230bf507ab89953f9230292acb0
   bind-utils-9.2.1-9.i586.rpm
      1703642 bf02e7c5c43dd52baef78da6594630b7

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   bind-9.2.3-16.src.rpm
      3546317 b56165a54c96041a0d24ccbe49d70dd2

   Binary Packages
   Size: MD5

   bind-9.2.3-16.i586.rpm
       371664 3a6f73b7510d6eaeead0b9b228445939
   bind-chroot-9.2.3-16.i586.rpm
        10075 3760d0dd529229bb9a84943a8c47a018
   bind-libs-9.2.3-16.i586.rpm
       413931 9c32f9a9394289aaf87b63aaf350682a
   bind-utils-9.2.3-16.i586.rpm
        96775 64ba58391e0f00beb0830641a87709c4


 References:

 CVE
   [CVE-2008-1447]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

 --------------------------------------------------------------------------
 Revision History
    16 Jul 2008 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2008 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkh9np8ACgkQK0LzjOqIJMzpfACglFVefcUf3TvVaru6yRMb0ubP
6JoAoLP3YoGCkfGyhhxg9dDMisKSEWxr
=exk2
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung