U radu programskog paketa BIND uočena su dva sigurnosna propusta koja udaljenom napadaču omogućuju izvođenje napada uskraćivanjem usluge (DoS).
Paket:
BIND 9.x
Operacijski sustavi:
Slackware Linux 8.1, Slackware Linux 9.0, Slackware Linux 9.1, Slackware Linux 10.0, Slackware Linux 10.1, Slackware Linux 10.2, Slackware Linux 11.0, Slackware Linux 12.0, Slackware Linux 12.1, Slackware Linux 12.2, Slackware Linux 13.0, Slackware Linux 13.1, Slackware Linux 13.37
Kritičnost:
3.7
Problem:
nespecificirana pogreška, pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2011-1910, CVE-2011-2464
Izvorni ID preporuke:
SSA:2011-224-01
Izvor:
Slackware
Problem:
Propusti su posljedica tzv. "off-by-one" pogreške te nespecificirane ranjivosti.
Posljedica:
Napadaču ranjivosti omogućuju izvođenje DoS napada.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] bind (SSA:2011-224-01)
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security
issues.
Here are the details from the Slackware 13.37 ChangeLog:
+--------------------------+
patches/packages/bind-9.7.4-i486-1_slack13.37.txz: Upgraded.
This BIND update addresses a couple of security issues:
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R5-i386-1_slack8.1.tgz
Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R5-i386-1_slack9.0.tgz
Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack9.1.tgz
Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.0.tgz
Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.1.tgz
Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.2.tgz
Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack11.0.tgz
Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.0.tgz
Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.1.tgz
Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.2.tgz
Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R5-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R5-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.4-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.4-x86_64-1_slack13.37.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.4-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.4-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 8.1 package:
dc89ecedef601f734fd45daa5bdcd7d9 bind-9.4_ESV_R5-i386-1_slack8.1.tgz
Slackware 9.0 package:
d3bfca586ce41793538cec589ec5e885 bind-9.4_ESV_R5-i386-1_slack9.0.tgz
Slackware 9.1 package:
f515e3b8a2b22e1ba39735951f384bfe bind-9.4_ESV_R5-i486-1_slack9.1.tgz
Slackware 10.0 package:
baefa4932cef962cd911dc4d963f014e bind-9.4_ESV_R5-i486-1_slack10.0.tgz
Slackware 10.1 package:
8dabc6e5022b1135a9ba8a0aca654233 bind-9.4_ESV_R5-i486-1_slack10.1.tgz
Slackware 10.2 package:
b956f174f5804d04afe9f922e6dce047 bind-9.4_ESV_R5-i486-1_slack10.2.tgz
Slackware 11.0 package:
71b7dea3e090840d319ee14bae47066e bind-9.4_ESV_R5-i486-1_slack11.0.tgz
Slackware 12.0 package:
a62f276534e0528ff72e619fd6693a9c bind-9.4_ESV_R5-i486-1_slack12.0.tgz
Slackware 12.1 package:
2687b1d88aa9098f8c2f17b0a2305922 bind-9.4_ESV_R5-i486-1_slack12.1.tgz
Slackware 12.2 package:
400f63e3904f17878ffcfb708dc2441e bind-9.4_ESV_R5-i486-1_slack12.2.tgz
Slackware 13.0 package:
09ef7f2dc543effe1c6867403f577c31 bind-9.4_ESV_R5-i486-1_slack13.0.txz
Slackware x86_64 13.0 package:
54a40e83d4fbdc6ad5cb6a6f675c32a5 bind-9.4_ESV_R5-x86_64-1_slack13.0.txz
Slackware 13.1 package:
892a69decaf20b0fdbb3c26e350f4091 bind-9.4_ESV_R5-i486-1_slack13.1.txz
Slackware x86_64 13.1 package:
c0455392827bbab32f2f61efad86d306 bind-9.4_ESV_R5-x86_64-1_slack13.1.txz
Slackware 13.37 package:
dd9c61c7937d6962644f3ab3b6827e9c bind-9.7.4-i486-1_slack13.37.txz
Slackware x86_64 13.37 package:
5b1a647dbb9650dfcaf60e17c9de5c6b bind-9.7.4-x86_64-1_slack13.37.txz
Slackware -current package:
8de3690d50448e07641ab56781809fb3 n/bind-9.7.4-i486-1.txz
Slackware x86_64 -current package:
052dc19a356df332d355581aa1d798f6 n/bind-9.7.4-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg bind-9.7.4-i486-1_slack13.37.txz
Then, restart the name server:
# /etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite. with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk5FuTkACgkQakRjwEAQIjNolACdHHJwiTlSHtHL4rCjT4xK/TSX
GdQAnjYmgJrfgwJaiT1+smwFi6KG5o4Z
=T6y2
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke