Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-706-1: Bind vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-706-1: Bind vulnerability
# 1  
Old 01-08-2009
USN-706-1: Bind vulnerability
Referenced CVEs:
CVE-2009-0025


Description:
===========================================================Ubuntu Security Notice USN-706-1 January 09, 2009bind9 vulnerabilityCVE-2009-0025===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.6Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2.1Ubuntu 8.04 LTS: libdns35 1:9.4.2.dfsg.P2-2ubuntu0.1Ubuntu 8.10: libdns43 1:9.5.0.dfsg.P2-1ubuntu3.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:It was discovered that Bind did not properly perform certificate verification.When DNSSEC with DSA certificates are in use, a remote attacker could exploitthis to bypass certificate validation to spoof DNS entries and poison DNScaches. Among other things, this could lead to misdirected email and webtraffic.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT ULTRIX

svc.conf

svc.conf(5)							File Formats Manual						       svc.conf(5)

Name
       svc.conf - database service selection and security configuration file

Description
       The  file  is a mandatory system file that allows you to select the desired services on a per database basis.  It also allows you to select
       security parameters.  The default file has as the service selected for each database.  This file must be modified when adding or removing a
       naming  service,  such  as Yellow Pages or BIND/Hesiod.	The valid services are and Modifications to the file can be made with an editor or
       the command for database service selection.  They can be made with the command for security parameter selection.  Changes take effect imme-
       diately.  The recommended configuration is that you have as the first entry for all databases.

Restrictions
       White space is allowed only after commas or newlines.

       You must have as the first entry for the and databases.

       You must have as the entry for the database.

       You must have either or as the entry for the database.

Examples
       The  following  is a sample file: aliases=yp auth=local,bind group=local,yp hosts=local,bind,yp netgroup=yp networks=bind passwd=local,bind
       protocols=local,bind rpc=local,bind services=local

       PASSLENMIN=6 PASSLENMAX=16 SOFTEXP=604800	 # 7 days in seconds SECLEVEL=BSD	    # (BSD | UPGRADE | ENHANCED)

Files
See Also
       getsvc(3), svcsetup(8)
       Guide to the BIND/Hesiod Service
       Guide to the Yellow Pages Service

																       svc.conf(5)