ID

VAR-200707-0675


CVE

CVE-2008-1447


TITLE

Multiple DNS implementations vulnerable to cache poisoning

Trust: 0.8

sources: CERT/CC: VU#800113

DESCRIPTION

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". Various implementations of DNS services may allow multiple simultaneous queries for the same resource record, allowing an attacker to apply probabilistic techniques to improve their odds of successful DNS spoofing. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Advisory ID: cisco-sa-20080708-dns http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml Revision 1.0 For Public Release 2008 July 08 1800 UTC (GMT) Summary ======= Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected. Cisco has released free software updates that address this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml. This security advisory is being published simultaneously with announcements from other affected organizations. Products that process DNS messages with the RD flag set will attempt to answer the question asked on behalf of the client. A product is only affected if using a vulnerable implementation of the DNS protocol, the DNS server functionality for the product is enabled, and the DNS feature for the product is configured to process recursive DNS query messages. Vulnerable Products +------------------ The following Cisco products are capable of acting as DNS servers and have been found to have the DNS implementation weakness that makes some types of DNS cache poisoning attacks more likely to succeed: * Cisco IOS Software A device that is running Cisco IOS Software will be affected if it is running a vulnerable version and if it is acting as a DNS server. All Cisco IOS Software releases that support the DNS server functionality and that have not had their DNS implementation improved are affected. For information about specific fixed versions, please refer to the Software Versions and Fixes section. A device that is running Cisco IOS Software is configured to act as a DNS server if the command "ip dns server" is present in the configuration. This command is not enabled by default. * Cisco Network Registrar All Cisco Network Registrar versions are affected, and DNS services are enabled by default. The DNS server on CNR is enabled via the command-line interface (CLI) commands "server dns enable start-on-reboot" or "dns enable start-on-reboot" or via the web management interface in the Servers page by selecting the appropriate "Start," "Stop," or "Reload" button. * Cisco Application and Content Networking System All Cisco Application and Content Networking System (ACNS) versions are affected; DNS services are disabled by default. ACNS is configured to act as a DNS server if the command "dns enable" is present in the configuration. * Cisco Global Site Selector Used in Combination with Cisco Network Registrar The Cisco Global Site Selector (GSS) is affected when it is used in combination with Cisco Network Registrar software to provide a more complete DNS solution. Fixed software would come in the form of an update of the Cisco Network Registrar software rather than an update of the GSS software. Products Confirmed Not Vulnerable +-------------------------------- Products that do not offer DNS server capabilities are not affected by this vulnerability. The Cisco GSS by itself is not affected by this vulnerability. However, it is affected when it is used with Cisco Network Registrar software. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= The Domain Name System is an integral part of networks that are based on TCP/IP such as the Internet. Simply stated, the Domain Name System is a hierarchical database that contains mappings of hostnames and IP addresses. When handling a query from a DNS client, a DNS server can look into its portion of the global DNS database (if the query is for a portion of the DNS database for which the DNS server is authoritative), or it can relay the query to other DNS servers (if it is configured to do so and if the query is for a portion of the DNS database for which the DNS server is not authoritative.) Because of the processing time and bandwidth that is associated with handling a DNS query, most DNS servers locally store responses that are received from other DNS servers. The area where these responses are stored locally is called a "cache." Once a response is stored in a cache, the DNS server can use the locally stored response for a certain time (called the "time to live") before having to query DNS servers again to refresh the local (cached) copy of the response. For example, if www.example.com is mapped to the IP address 192.168.0.1 and this mapping is present in the cache of a DNS server, an attacker who succeeds in poisoning the DNS cache of this server may be able to map www.example.com to 10.0.0.1 instead. If this happens, a user who is trying to visit www.example.com may end up contacting the wrong web server. The fundamental implementation weakness is that the DNS transaction ID and source port number used to validate DNS responses are not sufficiently randomized and can easily be predicted, which allows an attacker to create forged responses to DNS queries that will match the expected values. The DNS server will consider such responses to be valid. The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks: * Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854. * Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298. * Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930. This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447. Vulnerability Scoring Details +---------------------------- Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at http://intellishield.cisco.com/security/alertmanager/cvss Cisco Bugs: * DNS cache prone to poisoning/forged answers attacks (CSCsq21930) * DNS susceptible to forged query response attacks (CSCsq01298) * Need to make DNS implementation more resilient against forged answers (CSCso81854) CVSS Base Score - 6.4 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - Partial Availability Impact - Partial CVSS Temporal Score - 5.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed (same score for the three Cisco bugs listed above.) Impact ====== Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead users of this DNS server to contact the wrong provider of network services. The ultimate impact varies greatly, ranging from a simple denial of service (for example, making www.example.com resolve to 127.0.0.1) to phishing and financial fraud. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Cisco IOS Software +----------------- Each row of the Cisco IOS Software table (below) names a Cisco IOS Software release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table. +----------------------------------------+ | Major | Availability of | | Release | Repaired Releases | |------------+---------------------------| | Affected | First Fixed | Recommended | | 12.0-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | 12.0 | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DB | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DB | release | | | | 12.0(7)DB | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DC | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DC | release | | | | 12.0(7)DC | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0ST | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.0T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.0W | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0WC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.0WT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.0(7)XE1 | | | | are | | | 12.0XE | vulnerable, | | | | release | | | | 12.0(7)XE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.0XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XK2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XK | release | | | | 12.0(7)XK2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XR1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XR | release | | | | 12.0(7)XR1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.1-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1AA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1AX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(22)AY1 | | | | are | | | 12.1AY | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(22)AY1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1AZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DB1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DB | release | | | | 12.1(4)DB1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DC2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DC | release | | | | 12.1(4)DC2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1E | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(11)EA1 | | | | are | | | 12.1EA | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(11)EA1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(8a)EX | | | | are | | | 12.1EX | vulnerable, | | | | release | | | | 12.1(8a)EX | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(1)XC1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1XC | release | | | | 12.1(1)XC1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(5)YE1 | | | | are | 12.4(19a) | | 12.1YE | vulnerable, | | | | release | 12.4(19b) | | | 12.1(5)YE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.2-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8)BY | | | | are | | | | vulnerable, | 12.4(19a) | | 12.2BY | release | | | | 12.2(8)BY | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.2BZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.2DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EWA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SBC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SCA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SED | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SGA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8) | | | | TPC10d are | | | | vulnerable, | | | 12.2TPC | release | | | | 12.2(8) | | | | TPC10d and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.2UZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XC | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XG | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XNA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YK | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YM | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YN | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.2(18) | | | migrate to | SXF15; | | 12.2YO | any release | Available | | | in 12.2SY | on | | | | 08-AUG-08 | |------------+-------------+-------------| | 12.2YP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YV | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2ZC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZD | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZE | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZH | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZL | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.2ZP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZYA | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.3-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3TPC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.3VA | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XC | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XD | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XE | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XH | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XI | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XJ | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XQ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XR | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XS | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XW | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3YA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YD | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3YF | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YG | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YH | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YI | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YK | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.3(14) | | | | YM12 are | | | | vulnerable, | 12.3(14) | | 12.3YM | release | YM12 | | | 12.3(14) | | | | YM12 and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.3YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YS | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YT | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | | | 12.3YU | first fixed | | | | in 12.4XB | | |------------+-------------+-------------| | 12.3YX | 12.3(14) | 12.3(14) | | | YX12 | YX12 | |------------+-------------+-------------| | 12.3YZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.4-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | 12.4(18b) | | | | | | | | 12.4(19a) | 12.4(19a) | | 12.4 | | | | | 12.4(19b) | 12.4(19b) | | | | | | | 12.4(21) | | |------------+-------------+-------------| | 12.4JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4MD | 12.4(15)MD | 12.4(15)MD | |------------+-------------+-------------| | 12.4MR | 12.4(19)MR | 12.4(19)MR | |------------+-------------+-------------| | 12.4SW | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(15)T6 | | | | | 12.4(20)T; | | 12.4T | 12.4(20)T; | Available | | | Available | on | | | on | 11-JUL-08 | | | 11-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XA | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XB | 12.4(2)XB10 | | |------------+-------------+-------------| | 12.4XC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(4) | 12.4(20)T; | | | XD11; | Available | | 12.4XD | Available | on | | | on | 11-JUL-08 | | | 31-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XE | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XJ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 | |------------+-------------+-------------| | 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 | |------------+-------------+-------------| | 12.4XN | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XQ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XT | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XV | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 | |------------+-------------+-------------| | 12.4XY | 12.4(15)XY3 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XZ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | +----------------------------------------+ Cisco Network Registrar +---------------------- +---------------------------------------+ | Affected | | | Release | First Fixed Release | | Train | | |--------------+------------------------| | 6.1.x | Contact TAC | |--------------+------------------------| | | 6.3.1.1 patch; | | 6.3.x | available mid-July | | | 2008 | |--------------+------------------------| | 7.0.x | 7.0.1; available in | | | mid-July 2008 | +---------------------------------------+ Cisco Network Registrar software is available for download at: http://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval Cisco Application and Content Networking System +---------------------------------------------- This issue is fixed in version 5.5.11 of Cisco ACNS software. This release will be available for download from www.cisco.com in late July 2008. Cisco ACNS 5.5 software is available for download at: http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55 Workarounds =========== There are no workarounds. Additional information about identification and mitigation of attacks against DNS is in the Cisco Applied Intelligence white paper "DNS Best Practices, Network Protections, and Attack Identification," available at http://www.cisco.com/web/about/security/intelligence/dns-bcp.html. Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml. Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. Cisco would like to thank Dan Kaminsky for notifying vendors about his findings. Note that vulnerability information for Cisco IOS Software is being provided in this advisory outside of the announced publication schedule for Cisco IOS Software described at http://www.cisco.com/go/psirt due to industry-wide disclosure of the vulnerability. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-teams@first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-----------------------------------------------------------+ | Revision 1.0 | 2008-July-08 | Initial public release | +-----------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt. +-------------------------------------------------------------------- Copyright 2007-2008 Cisco Systems, Inc. All rights reserved. +-------------------------------------------------------------------- Updated: Jul 08, 2008 Document ID: 107064 +-------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t 2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC =XGZw -----END PGP SIGNATURE----- . RESOLUTION The resolution is to discontinue the use of BIND/iX and migrate DNS services to another platform. This could be used to misdirect users and services; i.e. This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm Mandriva Linux 2008.0: 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm Mandriva Linux 2008.1: 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm Corporate 3.0: de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm Corporate 3.0/X86_64: 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm Corporate 4.0: 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm Corporate 4.0/X86_64: b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm Multi Network Firewall 2.0: 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIdPwTmqjQ0CJFipgRAm9AAJ9/UOAuOWDL1KgnMNGM/224QGUNQgCfW+G9 J7qxrU208lhOcIjhtq8FWX8= =91dV -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01506861 Version: 5 HPSBUX02351 SSRT080058 rev.5 - HP-UX Running BIND, Remote DNS Cache Poisoning NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-07-16 Last Updated: 2010-10-12 ------------------------------------------------------------------------------ Potential Security Impact: Remote DNS cache poisoning Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2. Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below. A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support. The patch PHNE_37865 is available from: http://itrc.hp.com The BIND v9.3.2 updates are available for download from: http://software.hp.com HP-UX Release / Action B.11.11 running v8.1.2 Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. HP-UX Release / BIND Depot name / Action B.11.11 running v9.2.0 / BIND920V15.depot / Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. HP-UX Release / Action B.11.23 running v9.2.0 / Install PHNE_37865; Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. HP-UX Release / Action B.11.11 running v9.3.2 / Install revision C.9.3.2.7.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. B.11.23 running v9.3.2 / Install revision C.9.3.2.7.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. B.11.31 running v9.3.2 / Install revision C.9.3.2.3.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. Note: Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. Note: Firewall configurations may need to be adjusted to allow DNS queries from random source ports to pass. In addition, firewalls that forward DNS queries must not replace the random source ports. MANUAL ACTIONS: Yes - NonUpdate Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. Check firewall settings. For B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates For B.11.11 running v9.2.0 install BIND920v15.depot PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa AFFECTED VERSIONS For BIND v8.1.2 HP-UX B.11.11 ============= InternetSrvcs.INETSVCS-RUN action: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. For BIND v9.3.2 HP-UX B.11.11 ============= BindUpgrade.BIND-UPGRADE action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://software.hp.com HP-UX B.11.23 ============= BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://software.hp.com HP-UX B.11.31 ============= NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://software.hp.com For BIND v9.2.0 HP-UX B.11.11 ============= BINDv920.INETSVCS-BIND action: install revision B.11.11.01.015 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL Contact HP Support for information on where to download depot. HP-UX B.11.23 ============= InternetSrvcs.INETSVCS-INETD InternetSrvcs.INETSVCS-RUN InternetSrvcs.INETSVCS2-RUN action: install patch PHNE_37865 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://itrc.hp.com END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 16 July 2008 Initial release Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2 Version:4 (rev.4) - 08 August 2008 Updated manual actions to include named.conf and firewall configuration setings Version:5 (rev.5) - 12 October 2010 Updated version for BIND v9.2.0 depot for B.11.11 Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. The fix introduced a regression in the library breaking the resolution of UTF-8 encoded record names. An updated release is available which corrects this problem. For reference, the original advisory text follows. Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery. For the stable distribution (etch), these problems have been fixed in version 2.3.0-5.2+etch2. We recommend that you upgrade your python-dns package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.diff.gz Size/MD5 checksum: 3807 4c9dceefe0dfc4ee933f3c9298764153 http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz Size/MD5 checksum: 21084 82d377c6a59181072b30b0da4e9835b8 http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.dsc Size/MD5 checksum: 695 16b84a9d56bdd4baf5cdf1bf7e413521 Architecture independent packages: http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2_all.deb Size/MD5 checksum: 22972 59775332c3bb11b1408c83cf25b8e253 These files will probably be moved into the stable distribution on its next update. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. HP TCP/IP Services for OpenVMS 5.7 ECO5 package is available from the following location: The HP TCP/IP Services for OpenVMS 5.7 ECO5 kits for both Integrity and Alpha platforms have been uploaded to HP Support Center website. Customers can access the kits from Patch Management page. HP-UX B.11.00. HP-UX B.11.00 may be affected by this vulnerability if the BINDv4 Domain Name Server (DNS) is configured to do both of the following: * support recursive requests and cache the results * respond to DNS requests made by untrusted systems To determine if an HP-UX system has an affected version, search the output of "swlist -a revision -l fileset" for one of the filesets listed below. AFFECTED VERSIONS HP-UX B.11.00 ============= InternetSrvcs.INETSVCS-RUN action: add "options no-recursion" to /etc/named.boot END AFFECTED VERSIONS RESOLUTION The potential vulnerability may be avoided by blocking access to the system from untrusted systems or by disabling DNS recursion. To disable DNS recursion, add the following to /etc/named.boot: options no-recursion The option will take effect when named is restarted. Note: This issue has been previously reported in HPSBGN01156 SSRT2400 rev.0 (7 August 2003). HPSBGN01156 did not have the Affected Versions for the HP-UX Security Patch Check. Background ========== Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server. * Carlos Carvalho reported that dnsmasq in the 2.43 version does not properly handle clients sending inform or renewal queries for unknown DHCP leases, leading to a crash (CVE-2008-3350). Impact ====== A remote attacker could send spoofed DNS response traffic to dnsmasq, possibly involving generating queries via multiple vectors, and spoof DNS replies, which could e.g. Workaround ========== There is no known workaround at this time. Resolution ========== All dnsmasq users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.45" References ========== [ 1 ] CVE-2008-3350 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350 [ 2 ] CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200809-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Description =========== == Several vulnerabilities in safe level == Multiple errors in the implementation of safe level restrictions can be exploited to call "untrace_var()", perform syslog operations, and modify "$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels 1 through 3. (These vulnerabilities were reported by Keita Yamaguchi.) == DoS vulnerability in WEBrick == An error exists in the usage of regular expressions in "WEBrick::HTTPUtils.split_header_value()". This can be exploited to consume large amounts of CPU via a specially crafted HTTP request. (This vulnerability was reported by Christian Neukirchen.) == Lack of taintness check in dl == An error in "DL" can be exploited to bypass security restrictions and call potentially dangerous functions. (This vulnerability was reported by Tanaka Akira.) Affected packages: Pardus 2008: ruby, all before 1.8.7_p72-16-4 ruby-mode, all before 1.8.7_p72-16-4 Pardus 2007: ruby, all before 1.8.7_p72-16-13 ruby-mode, all before 1.8.7_p72-16-4 Resolution ========== There are update(s) for ruby, ruby-mode. You can update them via Package Manager or with a single command from console: Pardus 2008: pisi up ruby ruby-mode Pardus 2007: pisi up ruby ruby-mode References ========== * http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 * http://secunia.com/advisories/31430/ ------------------------------------------------------------------------ -- Pınar Yanardağ http://pinguar.org _______________________________________________ Full-Disclosure - We believe in it. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. The BIND 8 legacy code base could not be updated to include the recommended countermeasure (source port randomization, see DSA-1603-1 for details). There are two ways to deal with this situation: 1. The documentation included with BIND 9 contains a migration guide. Configure the BIND 8 resolver to forward queries to a BIND 9 resolver. Provided that the network between both resolvers is trusted, this protects the BIND 8 resolver from cache poisoning attacks (to the same degree that the BIND 9 resolver is protected). It is theoretically possible to safely use BIND 8 in this way, but updating to BIND 9 is strongly recommended. BIND 8 (that is, the bind package) will be removed from the etch distribution in a future point release. Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin. References: MS08-037 (CVE-2008-1447, CVE-2008-1454), MS08-038 (CVE-2008-1435), MS08-039 (CVE-2008-2247, CVE-2008-2248), MS08-040 (CVE-2008-0085, CVE-2008-0086, CVE-2008-0106, CVE-2008-0107). Patches released by Microsoft after MS06-051 are covered by monthly Security Bulletins. For the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site: http://www.itrc.hp.com/service/cki/secBullArchive.do For patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146 For patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147 For patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148 For patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140 The Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site: http://www.microsoft.com/technet/security/bulletin/summary.mspx NOTE: The SMA must have all pertinent SMA Service Packs applied Windows 2000 Update Rollup 1 Customers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website: http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=12169&prodSeriesId=315667 Windows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005 starting from MS05-026. It also does not include patches MS04-003 and MS04-028. NOTE: Patch installation instructions are shown at the end of this table. ------------------------------------------------- MS Patch - MS08-037 Vulnerabilities in DNS Could Allow Spoofing (953230) Analysis - Patch will run successfully. ------------------------------------------------- MS Patch - MS08-038 Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582) Analysis - SMA does not have this component. Action - Patch will not run successfully. Customers should not be concerned with this issue ------------------------------------------------- MS Patch - MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747) Analysis - SMA does not have this component. Action - Patch will not run successfully. Customers should not be concerned with this issue ------------------------------------------------- MS Patch - MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203) Analysis - SMA does not have this component. Action - Patch will not run successfully. Customers should not be concerned with this issue ------------------------------------------------- Installation Instructions: (if applicable) Download patches to a system other than the SMA Copy the patch to a floppy diskette or to a CD Execute the patch by using Terminal Services to the SMA or by attaching a keyboard, monitor and mouse to the SMA. Note: The Microsoft Windows Installer 3.1 is supported on SMA v2.1. At this time, it is not possible to implement the recommended countermeasures in the GNU libc stub resolver. Install a local BIND 9 resoler on the host, possibly in forward-only mode. (Other caching resolvers can be used instead.) 2. Rely on IP address spoofing protection if available. Successful attacks must spoof the address of one of the resolvers, which may not be possible if the network is guarded properly against IP spoofing attacks (both from internal and external sources). This DSA will be updated when patches for hardening the stub resolver are available. Corrected: 2008-07-12 10:07:33 UTC (RELENG_6, 6.3-STABLE) 2008-07-13 18:42:38 UTC (RELENG_6_3, 6.3-RELEASE-p3) 2008-07-13 18:42:38 UTC (RELENG_7, 7.0-STABLE) 2008-07-13 18:42:38 UTC (RELENG_7_0, 7.0-RELEASE-p3) CVE Name: CVE-2008-1447 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. I. Background BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server. II. III. Impact The lack of source port randomization reduces the amount of data the attacker needs to guess in order to successfully execute a DNS cache poisoning attack. This allows the attacker to influence or control the results of DNS queries being returned to users from target systems. IV. To limit the machines able to perform recursive queries, add an ACL in named.conf and limit recursion like the following: acl example-acl { 192.0.2.0/24; }; options { recursion yes; allow-recursion { example-acl; }; }; V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE or 7-STABLE, or to the RELENG_7_0 or RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.3 and 7.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 6.3] # fetch http://security.FreeBSD.org/patches/SA-08:06/bind63.patch # fetch http://security.FreeBSD.org/patches/SA-08:06/bind63.patch.asc [FreeBSD 7.0] # fetch http://security.FreeBSD.org/patches/SA-08:06/bind7.patch # fetch http://security.FreeBSD.org/patches/SA-08:06/bind7.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/lib/bind # make obj && make depend && make && make install # cd /usr/src/usr.sbin/named # make obj && make depend && make && make install NOTE WELL: This update causes BIND to choose a new, random UDP port for each new query; this may cause problems for some network configurations, particularly if firewall(s) block incoming UDP packets on particular ports. The avoid-v4-udp-ports and avoid-v6-udp-ports options should be used to avoid selecting random port numbers within a blocked range. Consequently it is strongly recommended that these options not be used to specify fixed port numbers. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/contrib/bind9/bin/named/client.c 1.1.1.2.2.5 src/contrib/bind9/bin/named/server.c 1.1.1.2.2.4 src/contrib/bind9/lib/dns/api 1.1.1.2.2.5 src/contrib/bind9/lib/dns/dispatch.c 1.1.1.1.4.4 src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.1.4.3 src/contrib/bind9/lib/dns/resolver.c 1.1.1.2.2.8 RELENG_6_3 src/UPDATING 1.416.2.37.2.8 src/sys/conf/newvers.sh 1.69.2.15.2.7 src/contrib/bind9/bin/named/client.c 1.1.1.2.2.3.2.1 src/contrib/bind9/bin/named/server.c 1.1.1.2.2.2.2.1 src/contrib/bind9/lib/dns/api 1.1.1.2.2.3.2.1 src/contrib/bind9/lib/dns/dispatch.c 1.1.1.1.4.2.2.1 src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.1.4.1.2.1 src/contrib/bind9/lib/dns/resolver.c 1.1.1.2.2.6.2.1 RELENG_7 src/contrib/bind9/bin/named/client.c 1.1.1.6.2.2 src/contrib/bind9/bin/named/server.c 1.1.1.6.2.2 src/contrib/bind9/lib/dns/api 1.1.1.6.2.2 src/contrib/bind9/lib/dns/dispatch.c 1.1.1.4.2.2 src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.3.2.2 src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.2 RELENG_7_0 src/UPDATING 1.507.2.3.2.7 src/sys/conf/newvers.sh 1.72.2.5.2.7 src/contrib/bind9/bin/named/client.c 1.1.1.6.2.1.2.1 src/contrib/bind9/bin/named/server.c 1.1.1.6.2.1.2.1 src/contrib/bind9/lib/dns/api 1.1.1.6.2.1.2.1 src/contrib/bind9/lib/dns/dispatch.c 1.1.1.4.2.1.2.1 src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.3.2.1.2.1 src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.1.2.1 - ------------------------------------------------------------------------- VII

Trust: 3.78

sources: NVD: CVE-2008-1447 // CERT/CC: VU#457875 // CERT/CC: VU#800113 // VULMON: CVE-2008-1447 // PACKETSTORM: 68039 // PACKETSTORM: 74443 // PACKETSTORM: 68068 // PACKETSTORM: 94774 // PACKETSTORM: 70207 // VULHUB: VHN-31572 // PACKETSTORM: 130183 // PACKETSTORM: 68360 // PACKETSTORM: 46512 // PACKETSTORM: 69643 // PACKETSTORM: 69021 // PACKETSTORM: 68037 // PACKETSTORM: 68199 // PACKETSTORM: 68038 // PACKETSTORM: 68183

AFFECTED PRODUCTS

vendor:apple computermodel: - scope: - version: -

Trust: 1.6

vendor:fujitsumodel: - scope: - version: -

Trust: 1.6

vendor:infobloxmodel: - scope: - version: -

Trust: 1.6

vendor:microsoftmodel: - scope: - version: -

Trust: 1.6

vendor:openwall gnu linuxmodel: - scope: - version: -

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.9

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:8

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:4

Trust: 1.0

vendor:alcatel lucentmodel: - scope: - version: -

Trust: 0.8

vendor:avayamodel: - scope: - version: -

Trust: 0.8

vendor:blue coatmodel: - scope: - version: -

Trust: 0.8

vendor:bluecatmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:debian gnu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:f5model: - scope: - version: -

Trust: 0.8

vendor:force10model: - scope: - version: -

Trust: 0.8

vendor:freebsdmodel: - scope: - version: -

Trust: 0.8

vendor:funkwerkmodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:internet consortiummodel: - scope: - version: -

Trust: 0.8

vendor:junipermodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:necmodel: - scope: - version: -

Trust: 0.8

vendor:nixumodel: - scope: - version: -

Trust: 0.8

vendor:nominummodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:novellmodel: - scope: - version: -

Trust: 0.8

vendor:openbsdmodel: - scope: - version: -

Trust: 0.8

vendor:qnxmodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:suse linuxmodel: - scope: - version: -

Trust: 0.8

vendor:secure computing network security divisionmodel: - scope: - version: -

Trust: 0.8

vendor:slackware linuxmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntumodel: - scope: - version: -

Trust: 0.8

vendor:wind rivermodel: - scope: - version: -

Trust: 0.8

vendor:yamahamodel: - scope: - version: -

Trust: 0.8

vendor:dnsmasqmodel: - scope: - version: -

Trust: 0.8

vendor:debianmodel: - scope: - version: -

Trust: 0.8

vendor:iscmodel: - scope: - version: -

Trust: 0.8

vendor:metasolvmodel: - scope: - version: -

Trust: 0.8

vendor:netbsdmodel: - scope: - version: -

Trust: 0.8

vendor:redhatmodel:enterprise linuxscope:eqversion:5

Trust: 0.6

vendor:redhatmodel:enterprise linuxscope:eqversion:2.1

Trust: 0.6

vendor:redhatmodel:enterprise linuxscope:eqversion:5.0

Trust: 0.6

vendor:redhatmodel:linux advanced workstationscope:eqversion:2.1

Trust: 0.6

sources: CERT/CC: VU#800113 // CERT/CC: VU#457875 // CNNVD: CNNVD-200807-129 // NVD: CVE-2008-1447

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1447
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#800113
value: 27.54

Trust: 0.8

CARNEGIE MELLON: VU#457875
value: 40.50

Trust: 0.8

CNNVD: CNNVD-200807-129
value: MEDIUM

Trust: 0.6

VULHUB: VHN-31572
value: MEDIUM

Trust: 0.1

VULMON: CVE-2008-1447
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-1447
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-31572
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2008-1447
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 4.0
version: 3.1

Trust: 1.0

sources: CERT/CC: VU#800113 // CERT/CC: VU#457875 // VULHUB: VHN-31572 // VULMON: CVE-2008-1447 // CNNVD: CNNVD-200807-129 // NVD: CVE-2008-1447

PROBLEMTYPE DATA

problemtype:CWE-331

Trust: 1.1

problemtype:CWE-310

Trust: 0.1

sources: VULHUB: VHN-31572 // NVD: CVE-2008-1447

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 68068 // PACKETSTORM: 68183 // PACKETSTORM: 46512 // CNNVD: CNNVD-200807-129

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-200807-129

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-31572 // VULMON: CVE-2008-1447

PATCH

title:Debian CVElist Bug Report Logs: dnsmasq: appears to be vulnerable to cache poisoning attack CVE-2008-1447url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=bea0103df57677c569776d970bb2ff1a

Trust: 0.1

title:Ubuntu Security Notice: bind9 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-622-1

Trust: 0.1

title:Ubuntu Security Notice: dnsmasq vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-627-1

Trust: 0.1

title:Debian Security Advisories: DSA-1605-1 glibc -- DNS cache poisoningurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=26abd8c8b0e5ca972a55a1b90d3fdfc5

Trust: 0.1

title:Debian Security Advisories: DSA-1617-1 refpolicy -- incompatible policyurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=3418f614f56d497e28f842674f8d8f8c

Trust: 0.1

title:Debian Security Advisories: DSA-1603-1 bind9 -- DNS cache poisoningurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=23e55365f62c349622abb2d713a280af

Trust: 0.1

title:Debian CVElist Bug Report Logs: appears to be vulnerable to cache poisoning attack CVE-2008-1447url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9e131108e982a49c97c4f3c5801dfb53

Trust: 0.1

title:Debian CVElist Bug Report Logs: python-dns vulnerable to CVE-2008-1447 DNS source port guessableurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=2a465496dabf8f2d87b1ff911ad8df9b

Trust: 0.1

title:Symantec Security Advisories: SA26 : DNS Cache Poisoning Vulnerability (CERT VU#800113)url:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=078765ce503e834a2fa43ae116b70180

Trust: 0.1

title:Citrix Security Bulletins: Archive: Vulnerability in Access Gateway Standard and Advanced Edition Appliance firmware could result in DNS Cache Poisoningurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=df5619e77c6173020dc0459f4b4bf1f2

Trust: 0.1

title:Citrix Security Bulletins: Archive: Vulnerability in NetScaler and Access Gateway Enterprise Edition could result in DNS Cache Poisoningurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=5c63f9f5138045493cfb7d220588077b

Trust: 0.1

title:Ubuntu Security Notice: ruby1.8 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-651-1

Trust: 0.1

title:VMware Security Advisories: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.url:https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=f3db6c283715ce027fe46e96804874b4

Trust: 0.1

sources: VULMON: CVE-2008-1447

EXTERNAL IDS

db:NVDid:CVE-2008-1447

Trust: 3.1

db:CERT/CCid:VU#800113

Trust: 2.7

db:SECUNIAid:31430

Trust: 1.9

db:VUPENid:ADV-2008-2025

Trust: 1.8

db:VUPENid:ADV-2009-0297

Trust: 1.8

db:VUPENid:ADV-2008-2334

Trust: 1.8

db:VUPENid:ADV-2008-2383

Trust: 1.8

db:VUPENid:ADV-2008-2113

Trust: 1.8

db:VUPENid:ADV-2008-2558

Trust: 1.8

db:VUPENid:ADV-2008-2019

Trust: 1.8

db:VUPENid:ADV-2008-2377

Trust: 1.8

db:VUPENid:ADV-2008-2584

Trust: 1.8

db:VUPENid:ADV-2008-2342

Trust: 1.8

db:VUPENid:ADV-2010-0622

Trust: 1.8

db:VUPENid:ADV-2008-2166

Trust: 1.8

db:VUPENid:ADV-2008-2051

Trust: 1.8

db:VUPENid:ADV-2008-2092

Trust: 1.8

db:VUPENid:ADV-2008-2029

Trust: 1.8

db:VUPENid:ADV-2008-2384

Trust: 1.8

db:VUPENid:ADV-2008-2268

Trust: 1.8

db:VUPENid:ADV-2008-2052

Trust: 1.8

db:VUPENid:ADV-2008-2549

Trust: 1.8

db:VUPENid:ADV-2008-2197

Trust: 1.8

db:VUPENid:ADV-2009-0311

Trust: 1.8

db:VUPENid:ADV-2008-2055

Trust: 1.8

db:VUPENid:ADV-2008-2467

Trust: 1.8

db:VUPENid:ADV-2008-2123

Trust: 1.8

db:VUPENid:ADV-2008-2482

Trust: 1.8

db:VUPENid:ADV-2008-2525

Trust: 1.8

db:VUPENid:ADV-2008-2023

Trust: 1.8

db:VUPENid:ADV-2008-2582

Trust: 1.8

db:VUPENid:ADV-2008-2114

Trust: 1.8

db:VUPENid:ADV-2008-2196

Trust: 1.8

db:VUPENid:ADV-2008-2139

Trust: 1.8

db:VUPENid:ADV-2008-2466

Trust: 1.8

db:VUPENid:ADV-2008-2050

Trust: 1.8

db:VUPENid:ADV-2008-2195

Trust: 1.8

db:VUPENid:ADV-2008-2291

Trust: 1.8

db:VUPENid:ADV-2008-2030

Trust: 1.8

db:SECTRACKid:1020548

Trust: 1.8

db:SECTRACKid:1020578

Trust: 1.8

db:SECTRACKid:1020448

Trust: 1.8

db:SECTRACKid:1020558

Trust: 1.8

db:SECTRACKid:1020702

Trust: 1.8

db:SECTRACKid:1020440

Trust: 1.8

db:SECTRACKid:1020575

Trust: 1.8

db:SECTRACKid:1020437

Trust: 1.8

db:SECTRACKid:1020802

Trust: 1.8

db:SECTRACKid:1020449

Trust: 1.8

db:SECTRACKid:1020579

Trust: 1.8

db:SECTRACKid:1020561

Trust: 1.8

db:SECTRACKid:1020804

Trust: 1.8

db:SECTRACKid:1020577

Trust: 1.8

db:SECTRACKid:1020560

Trust: 1.8

db:SECTRACKid:1020651

Trust: 1.8

db:SECTRACKid:1020653

Trust: 1.8

db:SECTRACKid:1020438

Trust: 1.8

db:SECTRACKid:1020576

Trust: 1.8

db:SECUNIAid:31209

Trust: 1.8

db:SECUNIAid:31197

Trust: 1.8

db:SECUNIAid:31422

Trust: 1.8

db:SECUNIAid:30977

Trust: 1.8

db:SECUNIAid:31151

Trust: 1.8

db:SECUNIAid:31354

Trust: 1.8

db:SECUNIAid:31093

Trust: 1.8

db:SECUNIAid:31212

Trust: 1.8

db:SECUNIAid:31207

Trust: 1.8

db:SECUNIAid:31221

Trust: 1.8

db:SECUNIAid:31254

Trust: 1.8

db:SECUNIAid:31451

Trust: 1.8

db:SECUNIAid:31169

Trust: 1.8

db:SECUNIAid:30988

Trust: 1.8

db:SECUNIAid:30973

Trust: 1.8

db:SECUNIAid:31687

Trust: 1.8

db:SECUNIAid:31199

Trust: 1.8

db:SECUNIAid:30980

Trust: 1.8

db:SECUNIAid:31137

Trust: 1.8

db:SECUNIAid:30998

Trust: 1.8

db:SECUNIAid:31014

Trust: 1.8

db:SECUNIAid:31065

Trust: 1.8

db:SECUNIAid:31882

Trust: 1.8

db:SECUNIAid:31019

Trust: 1.8

db:SECUNIAid:31153

Trust: 1.8

db:SECUNIAid:31482

Trust: 1.8

db:SECUNIAid:31495

Trust: 1.8

db:SECUNIAid:33178

Trust: 1.8

db:SECUNIAid:33714

Trust: 1.8

db:SECUNIAid:31213

Trust: 1.8

db:SECUNIAid:31326

Trust: 1.8

db:SECUNIAid:31052

Trust: 1.8

db:SECUNIAid:31011

Trust: 1.8

db:SECUNIAid:31588

Trust: 1.8

db:SECUNIAid:31033

Trust: 1.8

db:SECUNIAid:31031

Trust: 1.8

db:SECUNIAid:30979

Trust: 1.8

db:SECUNIAid:31022

Trust: 1.8

db:SECUNIAid:31094

Trust: 1.8

db:SECUNIAid:31030

Trust: 1.8

db:SECUNIAid:31204

Trust: 1.8

db:SECUNIAid:30925

Trust: 1.8

db:SECUNIAid:31072

Trust: 1.8

db:SECUNIAid:31152

Trust: 1.8

db:SECUNIAid:31237

Trust: 1.8

db:SECUNIAid:31012

Trust: 1.8

db:SECUNIAid:33786

Trust: 1.8

db:SECUNIAid:31143

Trust: 1.8

db:SECUNIAid:31236

Trust: 1.8

db:SECUNIAid:31900

Trust: 1.8

db:SECUNIAid:30989

Trust: 1.8

db:SECUNIAid:31823

Trust: 1.8

db:USCERTid:TA08-190B

Trust: 1.8

db:USCERTid:TA08-260A

Trust: 1.8

db:USCERTid:TA08-190A

Trust: 1.8

db:BIDid:30131

Trust: 1.8

db:EXPLOIT-DBid:6130

Trust: 1.8

db:EXPLOIT-DBid:6123

Trust: 1.8

db:EXPLOIT-DBid:6122

Trust: 1.8

db:CERT/CCid:VU#457875

Trust: 0.9

db:CNNVDid:CNNVD-200807-129

Trust: 0.6

db:PACKETSTORMid:68038

Trust: 0.2

db:PACKETSTORMid:74443

Trust: 0.2

db:PACKETSTORMid:94774

Trust: 0.2

db:PACKETSTORMid:68199

Trust: 0.2

db:PACKETSTORMid:68183

Trust: 0.2

db:PACKETSTORMid:68068

Trust: 0.2

db:PACKETSTORMid:70207

Trust: 0.2

db:PACKETSTORMid:68039

Trust: 0.2

db:PACKETSTORMid:68360

Trust: 0.2

db:PACKETSTORMid:68037

Trust: 0.2

db:PACKETSTORMid:68878

Trust: 0.1

db:PACKETSTORMid:68755

Trust: 0.1

db:PACKETSTORMid:68412

Trust: 0.1

db:PACKETSTORMid:68118

Trust: 0.1

db:PACKETSTORMid:73060

Trust: 0.1

db:PACKETSTORMid:68502

Trust: 0.1

db:PACKETSTORMid:68061

Trust: 0.1

db:PACKETSTORMid:68288

Trust: 0.1

db:PACKETSTORMid:96747

Trust: 0.1

db:PACKETSTORMid:68471

Trust: 0.1

db:PACKETSTORMid:73732

Trust: 0.1

db:PACKETSTORMid:68036

Trust: 0.1

db:PACKETSTORMid:68500

Trust: 0.1

db:PACKETSTORMid:68691

Trust: 0.1

db:PACKETSTORMid:68473

Trust: 0.1

db:PACKETSTORMid:68129

Trust: 0.1

db:PACKETSTORMid:68546

Trust: 0.1

db:PACKETSTORMid:68554

Trust: 0.1

db:PACKETSTORMid:68063

Trust: 0.1

db:PACKETSTORMid:68543

Trust: 0.1

db:SEEBUGid:SSVID-65607

Trust: 0.1

db:VULHUBid:VHN-31572

Trust: 0.1

db:VULMONid:CVE-2008-1447

Trust: 0.1

db:PACKETSTORMid:130183

Trust: 0.1

db:PACKETSTORMid:46512

Trust: 0.1

db:PACKETSTORMid:69643

Trust: 0.1

db:PACKETSTORMid:69021

Trust: 0.1

sources: CERT/CC: VU#800113 // CERT/CC: VU#457875 // VULHUB: VHN-31572 // VULMON: CVE-2008-1447 // PACKETSTORM: 68039 // PACKETSTORM: 74443 // PACKETSTORM: 68068 // PACKETSTORM: 94774 // PACKETSTORM: 70207 // PACKETSTORM: 68183 // PACKETSTORM: 130183 // PACKETSTORM: 68360 // PACKETSTORM: 46512 // PACKETSTORM: 69643 // PACKETSTORM: 69021 // PACKETSTORM: 68037 // PACKETSTORM: 68199 // PACKETSTORM: 68038 // CNNVD: CNNVD-200807-129 // NVD: CVE-2008-1447

REFERENCES

url:http://support.citrix.com/article/ctx117991

Trust: 2.4

url:http://support.citrix.com/article/ctx118183

Trust: 2.4

url:http://www.kb.cert.org/vuls/id/800113

Trust: 2.0

url:http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc

Trust: 1.9

url:http://www.ibm.com/support/docview.wss?uid=isg1iz26667

Trust: 1.8

url:http://www.ibm.com/support/docview.wss?uid=isg1iz26668

Trust: 1.8

url:http://www.ibm.com/support/docview.wss?uid=isg1iz26669

Trust: 1.8

url:http://www.ibm.com/support/docview.wss?uid=isg1iz26670

Trust: 1.8

url:http://www.ibm.com/support/docview.wss?uid=isg1iz26671

Trust: 1.8

url:http://www.ibm.com/support/docview.wss?uid=isg1iz26672

Trust: 1.8

url:http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html

Trust: 1.8

url:http://www.securityfocus.com/bid/30131

Trust: 1.8

url:http://www.securityfocus.com/archive/1/495289/100/0/threaded

Trust: 1.8

url:http://www.securityfocus.com/archive/1/495869/100/0/threaded

Trust: 1.8

url:http://www.us-cert.gov/cas/techalerts/ta08-190a.html

Trust: 1.8

url:http://www.us-cert.gov/cas/techalerts/ta08-190b.html

Trust: 1.8

url:http://www.us-cert.gov/cas/techalerts/ta08-260a.html

Trust: 1.8

url:http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml

Trust: 1.8

url:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

Trust: 1.8

url:http://support.apple.com/kb/ht3026

Trust: 1.8

url:http://support.apple.com/kb/ht3129

Trust: 1.8

url:http://up2date.astaro.com/2008/08/up2date_7202_released.html

Trust: 1.8

url:http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231

Trust: 1.8

url:http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018

Trust: 1.8

url:http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning

Trust: 1.8

url:http://www.isc.org/index.pl?/sw/bind/bind-security.php

Trust: 1.8

url:http://www.kb.cert.org/vuls/id/mimg-7dwr4j

Trust: 1.8

url:http://www.kb.cert.org/vuls/id/mimg-7ecl8q

Trust: 1.8

url:http://www.novell.com/support/viewcontent.do?externalid=7000912

Trust: 1.8

url:http://www.phys.uu.nl/~rombouts/pdnsd.html

Trust: 1.8

url:http://www.phys.uu.nl/~rombouts/pdnsd/changelog

Trust: 1.8

url:http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html

Trust: 1.8

url:http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

Trust: 1.8

url:http://www.vmware.com/security/advisories/vmsa-2008-0014.html

Trust: 1.8

url:http://www.debian.org/security/2008/dsa-1603

Trust: 1.8

url:http://www.debian.org/security/2008/dsa-1604

Trust: 1.8

url:http://www.debian.org/security/2008/dsa-1605

Trust: 1.8

url:http://www.debian.org/security/2008/dsa-1619

Trust: 1.8

url:http://www.debian.org/security/2008/dsa-1623

Trust: 1.8

url:https://www.exploit-db.com/exploits/6122

Trust: 1.8

url:https://www.exploit-db.com/exploits/6123

Trust: 1.8

url:https://www.exploit-db.com/exploits/6130

Trust: 1.8

url:https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html

Trust: 1.8

url:https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html

Trust: 1.8

url:http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html

Trust: 1.8

url:http://security.gentoo.org/glsa/glsa-200807-08.xml

Trust: 1.8

url:http://security.gentoo.org/glsa/glsa-200812-17.xml

Trust: 1.8

url:http://security.gentoo.org/glsa/glsa-201209-25.xml

Trust: 1.8

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368

Trust: 1.8

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520

Trust: 1.8

url:http://www.mandriva.com/security/advisories?name=mdvsa-2008:139

Trust: 1.8

url:http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

Trust: 1.8

url:http://www.caughq.org/exploits/cau-ex-2008-0002.txt

Trust: 1.8

url:http://www.caughq.org/exploits/cau-ex-2008-0003.txt

Trust: 1.8

url:http://www.doxpara.com/?p=1176

Trust: 1.8

url:http://www.doxpara.com/dmk_bo2k8.ppt

Trust: 1.8

url:http://www.nominum.com/asset_upload_file741_2661.pdf

Trust: 1.8

url:http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

Trust: 1.8

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037

Trust: 1.8

url:http://www.openbsd.org/errata42.html#013_bind

Trust: 1.8

url:http://www.openbsd.org/errata43.html#004_bind

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2008-0533.html

Trust: 1.8

url:http://www.redhat.com/support/errata/rhsa-2008-0789.html

Trust: 1.8

url:http://www.securitytracker.com/id?1020437

Trust: 1.8

url:http://www.securitytracker.com/id?1020438

Trust: 1.8

url:http://www.securitytracker.com/id?1020440

Trust: 1.8

url:http://www.securitytracker.com/id?1020448

Trust: 1.8

url:http://www.securitytracker.com/id?1020449

Trust: 1.8

url:http://www.securitytracker.com/id?1020548

Trust: 1.8

url:http://www.securitytracker.com/id?1020558

Trust: 1.8

url:http://www.securitytracker.com/id?1020560

Trust: 1.8

url:http://www.securitytracker.com/id?1020561

Trust: 1.8

url:http://www.securitytracker.com/id?1020575

Trust: 1.8

url:http://www.securitytracker.com/id?1020576

Trust: 1.8

url:http://www.securitytracker.com/id?1020577

Trust: 1.8

url:http://www.securitytracker.com/id?1020578

Trust: 1.8

url:http://www.securitytracker.com/id?1020579

Trust: 1.8

url:http://www.securitytracker.com/id?1020651

Trust: 1.8

url:http://www.securitytracker.com/id?1020653

Trust: 1.8

url:http://www.securitytracker.com/id?1020702

Trust: 1.8

url:http://www.securitytracker.com/id?1020802

Trust: 1.8

url:http://www.securitytracker.com/id?1020804

Trust: 1.8

url:http://secunia.com/advisories/30925

Trust: 1.8

url:http://secunia.com/advisories/30973

Trust: 1.8

url:http://secunia.com/advisories/30977

Trust: 1.8

url:http://secunia.com/advisories/30979

Trust: 1.8

url:http://secunia.com/advisories/30980

Trust: 1.8

url:http://secunia.com/advisories/30988

Trust: 1.8

url:http://secunia.com/advisories/30989

Trust: 1.8

url:http://secunia.com/advisories/30998

Trust: 1.8

url:http://secunia.com/advisories/31011

Trust: 1.8

url:http://secunia.com/advisories/31012

Trust: 1.8

url:http://secunia.com/advisories/31014

Trust: 1.8

url:http://secunia.com/advisories/31019

Trust: 1.8

url:http://secunia.com/advisories/31022

Trust: 1.8

url:http://secunia.com/advisories/31030

Trust: 1.8

url:http://secunia.com/advisories/31031

Trust: 1.8

url:http://secunia.com/advisories/31033

Trust: 1.8

url:http://secunia.com/advisories/31052

Trust: 1.8

url:http://secunia.com/advisories/31065

Trust: 1.8

url:http://secunia.com/advisories/31072

Trust: 1.8

url:http://secunia.com/advisories/31093

Trust: 1.8

url:http://secunia.com/advisories/31094

Trust: 1.8

url:http://secunia.com/advisories/31137

Trust: 1.8

url:http://secunia.com/advisories/31143

Trust: 1.8

url:http://secunia.com/advisories/31151

Trust: 1.8

url:http://secunia.com/advisories/31152

Trust: 1.8

url:http://secunia.com/advisories/31153

Trust: 1.8

url:http://secunia.com/advisories/31169

Trust: 1.8

url:http://secunia.com/advisories/31197

Trust: 1.8

url:http://secunia.com/advisories/31199

Trust: 1.8

url:http://secunia.com/advisories/31204

Trust: 1.8

url:http://secunia.com/advisories/31207

Trust: 1.8

url:http://secunia.com/advisories/31209

Trust: 1.8

url:http://secunia.com/advisories/31212

Trust: 1.8

url:http://secunia.com/advisories/31213

Trust: 1.8

url:http://secunia.com/advisories/31221

Trust: 1.8

url:http://secunia.com/advisories/31236

Trust: 1.8

url:http://secunia.com/advisories/31237

Trust: 1.8

url:http://secunia.com/advisories/31254

Trust: 1.8

url:http://secunia.com/advisories/31326

Trust: 1.8

url:http://secunia.com/advisories/31354

Trust: 1.8

url:http://secunia.com/advisories/31422

Trust: 1.8

url:http://secunia.com/advisories/31430

Trust: 1.8

url:http://secunia.com/advisories/31451

Trust: 1.8

url:http://secunia.com/advisories/31482

Trust: 1.8

url:http://secunia.com/advisories/31495

Trust: 1.8

url:http://secunia.com/advisories/31588

Trust: 1.8

url:http://secunia.com/advisories/31687

Trust: 1.8

url:http://secunia.com/advisories/31823

Trust: 1.8

url:http://secunia.com/advisories/31882

Trust: 1.8

url:http://secunia.com/advisories/31900

Trust: 1.8

url:http://secunia.com/advisories/33178

Trust: 1.8

url:http://secunia.com/advisories/33714

Trust: 1.8

url:http://secunia.com/advisories/33786

Trust: 1.8

url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1

Trust: 1.8

url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

Trust: 1.8

url:http://www.ubuntu.com/usn/usn-622-1

Trust: 1.8

url:http://www.ubuntu.com/usn/usn-627-1

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2019/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2023/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2025/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2029/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2030/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2050/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2051/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2052/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2055/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2092/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2113/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2114/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2123/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2139/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2166/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2195/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2196/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2197/references

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2268

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2291

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2334

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2342

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2377

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2383

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2384

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2466

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2467

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2482

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2525

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2549

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2558

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2582

Trust: 1.8

url:http://www.vupen.com/english/advisories/2008/2584

Trust: 1.8

url:http://www.vupen.com/english/advisories/2009/0297

Trust: 1.8

url:http://www.vupen.com/english/advisories/2009/0311

Trust: 1.8

url:http://www.vupen.com/english/advisories/2010/0622

Trust: 1.8

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/43637

Trust: 1.8

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/43334

Trust: 1.8

url:http://marc.info/?l=bugtraq&m=121630706004256&w=2

Trust: 1.7

url:http://www.ipcop.org/index.php?name=news&file=article&sid=40

Trust: 1.7

url:http://support.nortel.com/go/main.jsp?cscat=bltndetail&id=762152

Trust: 1.7

url:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680

Trust: 1.7

url:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=121866517322103&w=2

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=123324863916385&w=2

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=141879471518471&w=2

Trust: 1.7

url:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc

Trust: 1.2

url:https://nvd.nist.gov/vuln/detail/cve-2008-1447

Trust: 1.2

url:http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf

Trust: 0.8

url:http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience

Trust: 0.8

url:http://tools.ietf.org/html/rfc3833

Trust: 0.8

url:http://tools.ietf.org/html/rfc2827

Trust: 0.8

url:http://tools.ietf.org/html/rfc3704

Trust: 0.8

url:http://tools.ietf.org/html/rfc3013

Trust: 0.8

url:http://tools.ietf.org/html/rfc4033

Trust: 0.8

url:http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization

Trust: 0.8

url:http://cr.yp.to/djbdns/dns_random.html

Trust: 0.8

url:http://cr.yp.to/djbdns/dns_transmit.html

Trust: 0.8

url:http://cr.yp.to/djbdns/forgery.html

Trust: 0.8

url:http://www.trusteer.com/microsoftdns

Trust: 0.8

url:http://www.trusteer.com/bind9dns

Trust: 0.8

url:http://www.trusteer.com/bind8dns

Trust: 0.8

url:http://www.sans.org/reading_room/whitepapers/dns/1567.php

Trust: 0.8

url:http://blogs.iss.net/archive/morednsnat.html

Trust: 0.8

url:https://jvn.jp/cert/jvnvu800113/

Trust: 0.8

url:http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf

Trust: 0.8

url:http://www.dimap.ufrn.br/

Trust: 0.8

url:http://www.icir.org/vern/imw-2002/imw2002-papers/198.pdf

Trust: 0.8

url:http://razor.bindview.com/publish/papers/tcpseq.html

Trust: 0.8

url:http://mathworld.wolfram.com/birthdayproblem.html

Trust: 0.8

url:http://mathworld.wolfram.com/birthdayattack.html

Trust: 0.8

url:http://www.securityfocus.com/guest/17905

Trust: 0.8

url:http://www.rnp.br/cais/alertas/2002/cais-alr-19112002a.html

Trust: 0.8

url:http://www.rnp.br/cais_en/

Trust: 0.8

url:http://www.cert.org/advisories/ca-1997-22.html

Trust: 0.8

url:http://www.cert.org/advisories/ca-2001-09.html

Trust: 0.8

url:http://www.cert.org/archive/pdf/dns.pdf

Trust: 0.8

url:http://h30046.www3.hp.com/subsignin.php

Trust: 0.5

url:http://www.itrc.hp.com/service/cki/secbullarchive.do

Trust: 0.5

url:http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc

Trust: 0.4

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447

Trust: 0.4

url:http://packages.debian.org/<pkg>

Trust: 0.3

url:http://security.debian.org/

Trust: 0.3

url:http://www.debian.org/security/faq

Trust: 0.3

url:http://www.debian.org/security/

Trust: 0.3

url:http://secunia.com/

Trust: 0.2

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.2

url:http://software.hp.com

Trust: 0.2

url:https://www.hp.com/go/swa

Trust: 0.2

url:http://support.nortel.com/go/main.jsp?cscat=bltndetail&amp;id=762152

Trust: 0.1

url:http://www.ipcop.org/index.php?name=news&amp;file=article&amp;sid=40

Trust: 0.1

url:http://marc.info/?l=bugtraq&amp;m=123324863916385&amp;w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&amp;m=141879471518471&amp;w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&amp;m=121866517322103&amp;w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&amp;m=121630706004256&amp;w=2

Trust: 0.1

url:http://slackware.com/security/viewer.php?l=slackware-security&amp;y=2008&amp;m=slackware-security.539239

Trust: 0.1

url:http://slackware.com/security/viewer.php?l=slackware-security&amp;y=2008&amp;m=slackware-security.452680

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/331.html

Trust: 0.1

url:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123

Trust: 0.1

url:https://usn.ubuntu.com/622-1/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/6122/

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.

Trust: 0.1

url:http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html.

Trust: 0.1

url:http://www.cisco.com/go/psirt

Trust: 0.1

url:http://www.cisco.com/web/about/security/intelligence/dns-bcp.html.

Trust: 0.1

url:http://www.cisco.com/en/us/products/prod_warranties_item09186a008088e31f.html,

Trust: 0.1

url:http://www.cisco.com/pcgi-bin/software/tablebuild/tablebuild.pl/nr-eval

Trust: 0.1

url:http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Trust: 0.1

url:http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

Trust: 0.1

url:http://www.cisco.com.

Trust: 0.1

url:http://www.cisco.com/go/psirt.

Trust: 0.1

url:https://www.example.com

Trust: 0.1

url:http://www.cisco.com/warp/public/687/directory/dirtac.shtml

Trust: 0.1

url:http://www.cisco.com/public/sw-center/sw-usingswc.shtml.

Trust: 0.1

url:http://intellishield.cisco.com/security/alertmanager/cvss

Trust: 0.1

url:http://www.mandriva.com/security/

Trust: 0.1

url:http://www.mandriva.com/security/advisories

Trust: 0.1

url:http://itrc.hp.com

Trust: 0.1

url:http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.dsc

Trust: 0.1

url:http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz

Trust: 0.1

url:http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2_all.deb

Trust: 0.1

url:http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.diff.gz

Trust: 0.1

url:http://security.freebsd.org/patches/sa-08:06/bind7.patch.asc

Trust: 0.1

url:http://security.freebsd.org/patches/sa-08:06/bind63.patch

Trust: 0.1

url:http://security.freebsd.org/>.

Trust: 0.1

url:http://security.freebsd.org/patches/sa-08:06/bind63.patch.asc

Trust: 0.1

url:http://security.freebsd.org/patches/sa-08:06/bind7.patch

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-2926

Trust: 0.1

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4313

Trust: 0.1

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2009-0025

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2006-4096

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/patch/home/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4244

Trust: 0.1

url:http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&

Trust: 0.1

url:http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/457875)

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-200809-02.xml

Trust: 0.1

url:http://bugs.gentoo.org.

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3350

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-3350

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://secunia.com/advisories/31430/

Trust: 0.1

url:http://pinguar.org

Trust: 0.1

url:http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-0107

Trust: 0.1

url:http://h20000.www2.hp.com/bizsupport/techsupport/documentindex.jsp?contenttype=supportmanual&lang=en&cc=us&docindexid=179111&taskid=101&prodtypeid=12169&prodseriesid=315667

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-0086

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-1454

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-2247

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-1435

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-0106

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-0085

Trust: 0.1

url:http://www.microsoft.com/technet/security/bulletin/summary.mspx

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-2248

Trust: 0.1

url:http://www.microsoft.com/downloads/details.aspx?familyid=889482fc-5f56-4a38-b838-de776fd4138c&hash=syssxdf&displaylang=en

Trust: 0.1

sources: CERT/CC: VU#800113 // CERT/CC: VU#457875 // VULHUB: VHN-31572 // VULMON: CVE-2008-1447 // PACKETSTORM: 68039 // PACKETSTORM: 74443 // PACKETSTORM: 68068 // PACKETSTORM: 94774 // PACKETSTORM: 70207 // PACKETSTORM: 68183 // PACKETSTORM: 130183 // PACKETSTORM: 68360 // PACKETSTORM: 46512 // PACKETSTORM: 69643 // PACKETSTORM: 69021 // PACKETSTORM: 68037 // PACKETSTORM: 68199 // PACKETSTORM: 68038 // CNNVD: CNNVD-200807-129 // NVD: CVE-2008-1447

CREDITS

Dan Kaminsky

Trust: 0.6

sources: CNNVD: CNNVD-200807-129

SOURCES

db:CERT/CCid:VU#800113
db:CERT/CCid:VU#457875
db:VULHUBid:VHN-31572
db:VULMONid:CVE-2008-1447
db:PACKETSTORMid:68039
db:PACKETSTORMid:74443
db:PACKETSTORMid:68068
db:PACKETSTORMid:94774
db:PACKETSTORMid:70207
db:PACKETSTORMid:68183
db:PACKETSTORMid:130183
db:PACKETSTORMid:68360
db:PACKETSTORMid:46512
db:PACKETSTORMid:69643
db:PACKETSTORMid:69021
db:PACKETSTORMid:68037
db:PACKETSTORMid:68199
db:PACKETSTORMid:68038
db:CNNVDid:CNNVD-200807-129
db:NVDid:CVE-2008-1447

LAST UPDATE DATE

2024-12-21T19:46:59.765000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#800113date:2014-04-14T00:00:00
db:CERT/CCid:VU#457875date:2004-10-18T00:00:00
db:VULHUBid:VHN-31572date:2020-03-24T00:00:00
db:VULMONid:CVE-2008-1447date:2020-03-24T00:00:00
db:CNNVDid:CNNVD-200807-129date:2020-03-25T00:00:00
db:NVDid:CVE-2008-1447date:2024-11-21T00:44:32.723

SOURCES RELEASE DATE

db:CERT/CCid:VU#800113date:2008-07-08T00:00:00
db:CERT/CCid:VU#457875date:2002-11-19T00:00:00
db:VULHUBid:VHN-31572date:2008-07-08T00:00:00
db:VULMONid:CVE-2008-1447date:2008-07-08T00:00:00
db:PACKETSTORMid:68039date:2008-07-10T06:26:35
db:PACKETSTORMid:74443date:2009-01-29T21:47:08
db:PACKETSTORMid:68068date:2008-07-10T07:29:30
db:PACKETSTORMid:94774date:2010-10-15T02:12:40
db:PACKETSTORMid:70207date:2008-09-22T21:37:12
db:PACKETSTORMid:68183date:2008-07-15T02:48:11
db:PACKETSTORMid:130183date:2015-01-30T22:37:09
db:PACKETSTORMid:68360date:2008-07-21T19:44:10
db:PACKETSTORMid:46512date:2006-05-22T06:59:00
db:PACKETSTORMid:69643date:2008-09-04T22:22:48
db:PACKETSTORMid:69021date:2008-08-13T04:21:24
db:PACKETSTORMid:68037date:2008-07-10T06:23:57
db:PACKETSTORMid:68199date:2008-07-15T16:45:48
db:PACKETSTORMid:68038date:2008-07-10T06:24:58
db:CNNVDid:CNNVD-200807-129date:2008-07-08T00:00:00
db:NVDid:CVE-2008-1447date:2008-07-08T23:41:00