Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-706-1: Bind vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-706-1: Bind vulnerability
# 1  
Old 01-08-2009
USN-706-1: Bind vulnerability
Referenced CVEs:
CVE-2009-0025


Description:
===========================================================Ubuntu Security Notice USN-706-1 January 09, 2009bind9 vulnerabilityCVE-2009-0025===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.6Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2.1Ubuntu 8.04 LTS: libdns35 1:9.4.2.dfsg.P2-2ubuntu0.1Ubuntu 8.10: libdns43 1:9.5.0.dfsg.P2-1ubuntu3.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:It was discovered that Bind did not properly perform certificate verification.When DNSSEC with DSA certificates are in use, a remote attacker could exploitthis to bypass certificate validation to spoof DNS entries and poison DNScaches. Among other things, this could lead to misdirected email and webtraffic.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

usbipd

USBIP(8)						  System Administration Utilities						  USBIP(8)

NAME

       usbipd - USB/IP server daemon

SYNOPSIS

       usbipd [options]

DESCRIPTION

       usbipd provides USB/IP clients access to exported USB devices.

       Devices have to explicitly be exported using usbip bind before usbipd makes them available to other hosts.

       The  daemon accepts connections from USB/IP clients on TCP port 3240.  The clients authorised to connect may be configured as documented in
       hosts_access(5).

OPTIONS

       -D, --daemon

	      Run as a daemon process.

       -d, --debug

	      Print debugging information.

       -v, --version

	      Show version.

LIMITATIONS

       usbipd offers no authentication or authorization for USB/IP. Any USB/IP client running on an authorised host can connect and  use  exported
       devices.

EXAMPLES

	   server:# modprobe usbip

	   server:# usbipd -D
	       - Start usbip daemon.

	   server:# usbip list
	       - List driver assignments for usb devices.

	   server:# usbip bind -b 1-2
	       - Bind usbip-host.ko to the device of busid 1-2.
	       - A usb device 1-2 is now exportable to other hosts!
	       - Use 'usbip unbind -b 1-2' when you want to shutdown exporting and use the device locally.

SEE ALSO

       usbip(8)

usbip								   February 2009							  USBIP(8)