<<< Date Index >>>     <<< Thread Index >>>

OpenLinux: Bind: cache poisoning BIND 8 prior to 8.3.7 and BIND 8.4.x prior 8.4.2



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

                        SCO Security Advisory

Subject:                OpenLinux: Bind: cache poisoning BIND 8 prior to 8.3.7 
and BIND 8.4.x prior 8.4.2
Advisory number:        CSSA-2004-003.0
Issue date:             2004 February 19
Cross reference:        sr886764 fz528462 erg712477 CAN-2003-0914
______________________________________________________________________________


1. Problem Description

        CERT/CC Incident Note VU#734644 

        BIND is an implementation of the Domain Name System (DNS) 
        protocols. Successful exploitation of this vulnerability 
        may result in a temporary denial of service. 

        The Common Vulnerabilities and Exposures project (cve.mitre.org) 
        has assigned the name CAN-2003-0914 to this issue.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------
        OpenLinux 3.1.1 Server          prior to bind-8.3.7-1.i386.rpm
                                        prior to bind-doc-8.3.7-1.i386.rpm
                                        prior to bind-utils-8.3.7-1.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to bind-8.3.7-1.i386.rpm
                                        prior to bind-doc-8.3.7-1.i386.rpm
                                        prior to bind-utils-8.3.7-1.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/RPMS

        4.2 Packages

        5bbeb4009cd1c63070d7edabc36838cd        bind-8.3.7-1.i386.rpm
        80582975955be472cc5dbb9eff171f72        bind-doc-8.3.7-1.i386.rpm
        28b0522cb6a0d661337e58f05f264766        bind-utils-8.3.7-1.i386.rpm

        4.3 Installation

        rpm -Fvh bind-8.3.7-1.i386.rpm
        rpm -Fvh bind-doc-8.3.7-1.i386.rpm
        rpm -Fvh bind-utils-8.3.7-1.i386.rpm

        4.4 Source Package Location

        
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/SRPMS

        4.5 Source Packages

        08c17ced9fbed8ad680aad1f1df903f8        bind-8.3.7-1.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-003.0/RPMS

        5.2 Packages

        f5acabf134676668f0d669d5d58feda0        bind-8.3.7-1.i386.rpm
        ac156c2e52b12aa8d46c94d5d7a37c7a        bind-doc-8.3.7-1.i386.rpm
        b8fb4eba73037973a85752d0c07aea03        bind-utils-8.3.7-1.i386.rpm

        5.3 Installation

        rpm -Fvh bind-8.3.7-1.i386.rpm
        rpm -Fvh bind-doc-8.3.7-1.i386.rpm
        rpm -Fvh bind-utils-8.3.7-1.i386.rpm

        5.4 Source Package Location

        
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-003.0/SRPMS

        5.5 Source Packages

        90229c9bbc06fe554b39eba9d3b3aa95        bind-8.3.7-1.src.rpm


6. References

        Specific references for this advisory:
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0914
                http://www.kb.cert.org/vuls/id/734644

        SCO security resources:
                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr886764 fz528462
        erg712477.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.


8. Acknowledgements
        
        SCO would like to thank CERT and The Internet Software Consortium.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SCO/UNIX_SVR5)

iD8DBQFANTCebluZssSXDTERApzZAKDFVBKt3NhlD0FO7ZYwY+NYrYuzuACfe/6i
DGdX6eR6ERfR44lCmR74QNA=
=sJAn
-----END PGP SIGNATURE-----