Multiple DNS implementations vulnerable to cache poisoning
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA08-190B.html
JVNRSS based Status Tracking Notes: Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Effective attack techniques against these vulnerabilities have been demonstrated.JVNRSS Feasibility Study Teamjvn@jvn.jpTRTA08-190B2008-08-31T04:54+00:002008-07-20T10:29+00:002008-08-31T04:54+00:00Domain Name Security Paper Released
http://www.icann.org/en/announcements/announcement-24jul08-en.htm
ICANN's strategic and operating plans call for ICANN to be operationally ready to deploy DNSSEC at the root level and work with relevant stakeholders to determine how this should be implemented.
ICANNhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-08-242008-08-242008-08-24Securing the Federal Government's Domain Name System Infrastructure (Submission of Draft Agency Plans Due by September 5, 2008)
http://www.whitehouse.gov/omb/memoranda/fy2008/m08-23.pdf
This memorandum describes existing and new policies for deploying Domain Name System Security (DNSSEC) to all Federal information systems by December 2009. DNSSEC provides cryptographic protections to DNS communication exchanges, thereby removing threats of DNS-based attacks and improving the overall integrity and authenticity of information processed over the Internet.
Office of Management and BudgetM-08-23http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-08-222008-08-222008-08-22Successfully poisoned the latest BIND with fully randomized ports!
http://www.securityfocus.com/bid/30131?jvntrev=6
Vulnerability Proof Of Concept (DNS Insufficient Socket Entropy - MS08-037, CVE-2008-1447)
Exploit required to send more than 130 thousand of requests for the fake records like 131737-4795-15081.blah.com to be able to match port and ID and insert poisoned entry for the poisoned_dns.blah.com.
#Cid: attack_client.c
SecurityFocushttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-08-082008-08-082008-08-08SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
http://www.securityfocus.com/archive/1/495188
Hewlett-PackardHPSBUX02351http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-14472008-08-06T13:45-07:002008-08-06T13:45-07:002008-08-06T13:45-07:00ICANN Highlights Domain Name System Vulnerability; Releases Tools
http://icann.org/en/announcements/announcement-06aug08-en.htm
To detect whether a particular zone is vulnerable, ICANN has produced a tool that can check a particular domain:
ICANNhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-08-062008-08-062008-08-06Why So Serious
http://www.doxpara.com/?p=1204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-08-062008-08-062008-08-06BIND: -P2 patches are released
http://isc.sans.org/diary.html?storyid=4816
As expected, the Internet Systems Consortium released patches today addressing stability and performance issues some of those having significant load on their systems were struggling with.
SANS Internet Storm Centerhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-08-02T11:12+00:002008-08-02T11:12+00:002008-08-02T11:12+00:00bind-9.4.2-P2.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.2-P2/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-08-01T23:54+00:002008-08-01T23:54+00:002008-08-01T23:54+00:00bind-9.5.0-P2.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.0-P2/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-08-01T23:54+00:002008-08-01T23:54+00:002008-08-01T23:54+00:00bind-9.3.5-P2.tar.gz
ftp://ftp.isc.org/isc/bind9/9.3.5-P2/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-08-01T23:53+00:002008-08-01T23:53+00:002008-08-01T23:53+00:00DNS Multiple Race Exploiting Tool
http://www.securityfocus.com/bid/30131?jvntrev=1
Vulnerability Proof Of Concept (DNS Insufficient Socket Entropy - MS08-037, CVE-2008-1447)
#Cid: dns_mre-v1.0.tar.gz
#Tested: Windows 2003 server
SecurityFocushttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-08-01T18:33+03:002008-08-01T18:33+03:002008-08-01T18:33+03:00DNS Cache Poisoning Issue Update
http://isc.sans.org/diary.html?storyid=4801
Ok, we have a confirmed instance where the DNS cache poisoning vulnerability was used to compromise a DNS server belonging to AT&T. This PCWorld article covers the incident. The original article makes it sound as though the Metasploit site was 'owned' by this incident when really the issue was that the AT&T DNS server was compromised and was providing erroneous IP addresses to incoming queries. This updated PCWorld article clarifies the first one.
SANS Internet Storm Centerhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-30T21:20+00:002008-07-30T21:20+00:002008-07-30T21:20+00:00DNS Attacks in the Wild
http://blog.metasploit.com/2008_07_01_archive.html#8402256842313656521
In a recent conversation with Robert McMillan (IDG), I described a in-the-wild attack against one of AT&T's DNS cache servers, specifically one that was configured as an upstream forwarder for an internal DNS machine at BreakingPoint Systems. The attackers had replaced the cache entry for www.google.com with a web page that loaded advertisements hidden inside an iframe.
Metasploit Projecthttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-292008-07-292008-07-29Recursive DNS Cache Auditing Resource
http://isc.sans.org/diary.html?storyid=4784
For those with a need, research described in Jose Avila's Recursive DNS Cache Auditing presentation is backed by the ONZRA security research tool CacheAudit v.01, see the Research folder at ONZRA for the CacheAudit download.
SANS Internet Storm Centerhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-25T19:45+00:002008-07-25T19:45+00:002008-07-25T19:45+00:00Increased Threat for DNS Spoofing Vulnerability
http://www.microsoft.com/technet/security/advisory/956187.mspx
DNS Insufficient Socket Entropy Vulnerability (MS08-037, CVE-2008-1447)
MicrosoftMicrosoft Security Advisory (956187)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx2008-07-25T10:23-07:002008-07-25T10:23-07:002008-07-25T10:23-07:00DNS bug - observations
http://isc.sans.org/diary.html?storyid=4780
As indicated in earlier diary entries, an authoritative server sees queries from recursive servers for nonexistent names if their domain is being targeted by the latest DNS attack. They can't do much: all they can do is report them.
SANS Internet Storm Centerhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-25T14:12+00:002008-07-25T14:12+00:002008-07-25T14:12+00:00DNS developments
http://isc.sans.org/diary.html?storyid=4778
Security Blogs and E_News outlets are giving extended coverage of the DNS vulnerability exploit releases and we're receiving a few reports of attacks.
SANS Internet Storm Centerhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-25T12:32+00:002008-07-25T12:32+00:002008-07-25T12:32+00:00DNS cache poisoning vulnerability details confirmed (Version: 2)
http://isc.sans.org/diary.html?storyid=4777
A couple of the handlers tuned into the Blackhat "webinar" today. The topic was Kaminsky's DNS vulnerability. Here are some quick notes...
SANS Internet Storm Centerhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-25T06:47+00:002008-07-25T06:47+00:002008-07-25T06:47+00:00Cache-Poisoning Vulnerability In Multiple DNS Servers
http://www.jpcert.or.jp/at/2008/at080013.txt?jvntrev=2
JPCERT/CCJPCERT-AT-2008-0013http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-25T01:15+00:002008-07-25T01:15+00:002008-07-25T01:15+00:00BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
http://www.securityfocus.com/bid/30131?jvntrev=5
Vulnerability Proof Of Concept (DNS Insufficient Socket Entropy - MS08-037, CVE-2008-1447)
#Cid: kaminsky-attack.c
SecurityFocushttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-252008-07-252008-07-25BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
http://www.securityfocus.com/bid/30131?jvntrev=4
Vulnerability Proof Of Concept (DNS Insufficient Socket Entropy - MS08-037, CVE-2008-1447)
#Cid: dns-recurs-poisoning.py
SecurityFocushttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-24T15:33+00:002008-07-24T15:33+00:002008-07-24T15:33+00:00DNS Cache Poisoning Public Exploit Code Available
http://www.us-cert.gov/current/archive/2008/07/24/archive.html#dns_cache_poisoning_public_exploit
US-CERT Current Activity
US-CERT is aware of publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. Exploitation of this vulnerability may allow an attacker to cause a nameserver's clients to contact the incorrect, and possibly malicious hosts for particular services. As a result, web traffic, email and other important network data could be redirected to systems under the attacker's control.
US-CERThttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-24T10:00-04:002008-07-24T10:00-04:002008-07-24T10:00-04:00Cache-Poisoning Vulnerability In Multiple DNS Servers
http://www.jpcert.or.jp/at/2008/at080014.txt
JPCERT/CCJPCERT-AT-2008-0014http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-24T10:06+00:002008-07-24T10:06+00:002008-07-24T10:06+00:00BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit for Domains (meta)
http://www.securityfocus.com/bid/30131?jvntrev=3
Vulnerability Proof Of Concept (DNS Insufficient Socket Entropy - MS08-037, CVE-2008-1447)
#Cid: bailiwicked_domain.rb
#Tested: BIND 9.4.1
#Tested: BIND 9.4.2
SecurityFocusCAU-EX-2008-0003http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-24T03:56+00:002008-07-24T03:56+00:002008-07-24T03:56+00:00Details
http://www.doxpara.com/?p=1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-242008-07-242008-07-24BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)
http://www.securityfocus.com/bid/30131?jvntrev=2
Vulnerability Proof Of Concept (DNS Insufficient Socket Entropy - MS08-037, CVE-2008-1447)
#Cid: baliwicked_host.rb
#Tested: BIND 9.4.1
#Tested: BIND 9.4.2
SecurityFocusCAU-EX-2008-0002http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-23T22:53+00:002008-07-23T22:53+00:002008-07-23T22:53+00:00"The-Cat-is-Out-of-The-Bag" DNS Bug
http://www.avertlabs.com/research/blog/index.php/2008/07/23/the-cat-is-out-of-the-bag-dns-bug/
Computer Security Research - McAfee Avert Labs Blog
There has been a lot of hush-hush recently regarding a DNS security issue finding by Dan Kaminsky. Industry wide coordinated effort led by Dan ensured that patches were released by multiple vendors. Even though the technical details of the issue were not yet made public by Dan, an inadvertent leak by Matasano Security blog seems to have given out a lot of the information regarding the issue.
McAfeehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-14472008-07-23T13:48-06:002008-07-23T13:48-06:002008-07-23T13:48-06:00NAT/PAT Affects DNS Cache Poisoning Mitigation
http://www.us-cert.gov/current/archive/2008/07/23/archive.html#nat_pat_affects_dns_cache
US-CERT Current Activity
US-CERT released a Current Activity entry and a Vulnerability Note on July 8, 2008 regarding deficiencies in DNS implementations. These deficiencies could leave an affected system vulnerable to cache poisoning. Technical details regarding this vulnerability have been posted to public websites. Attackers could use these details to construct exploit code. Users are encouraged to patch systems or apply workarounds immediately.
A number of patches implement source port randomization in the name server as a way to reduce the practicality of cache poisoning attacks. Administrators should be aware that in infrastructures where nameservers exist behind Network Address Translation (NAT) and Port Address Translation (PAT) devices, port randomization in the nameserver may be overwritten by the NAT/PAT device and a sequential port address could be allocated. This may weaken the protection offered by source port randomization in the nameserver.
US-CERThttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-23T14:13-04:002008-07-23T14:13-04:002008-07-23T14:13-04:00Cache-Poisoning Vulnerability In Multiple DNS Servers
http://www.jpcert.or.jp/at/2008/at080013.txt?jvntrev=1
JPCERT/CCJPCERT-AT-2008-0013http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-232008-07-232008-07-23DNS Implementations Vulnerable to Cache Poisoning
http://www.us-cert.gov/current/archive/2008/07/22/archive.html#dns_implementations_vulnerable_to_cache
US-CERT Current Activity
Technical details regarding this vulnerability have been posted to public websites. Attackers could use these details to construct exploit code. Users are encouraged to patch vulnerable systems immediately.
US-CERThttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-22T07:50-04:002008-07-22T07:50-04:002008-07-22T07:50-04:00Reliable DNS Forgery in 2008: Kaminsky's Discovery
http://www.matasano.com/log/1103/reliable-dns-forgery-in-2008-kaminskys-discovery/
Matasano Security bloghttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-21T19:34+00:002008-07-21T19:34+00:002008-07-21T19:34+00:00SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
http://www.securityfocus.com/archive/1/494542
Hewlett-PackardHPSBUX02351http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-14472008-07-19T04:29-07:002008-07-19T04:29-07:002008-07-19T04:29-07:00SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
http://www.securityfocus.com/archive/1/494493
Hewlett-PackardHPSBUX02351http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-14472008-07-16T19:21-07:002008-07-16T19:21-07:002008-07-16T19:21-07:00Multiple Vendors Vulnerable to DNS Cache Poisoning
http://www.iss.net/threats/298.html
DNS Insufficient Socket Entropy Vulnerability (CVE-2008-1447)
Multiple vendor DNS protocol implementations could allow a remote attacker to poison the DNS cache. Patches that resolve the vulnerability on the DNS may be rendered ineffective if the DNS is behind a NAT device that does not randomize ports.
IBM Internet Security Systemshttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://xforce.iss.net/xforce/xfdb/43334http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx2008-07-172008-07-172008-07-17Web-based DNS Randomness Test
https://www.dns-oarc.net/oarc/services/dnsentropy
This page exists to help you learn if your ISP's nameservers are vulnerable to this type of attack. If you click on the button below, we will test the randomness of your ISP DNS resolver.
DNS-OARChttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-16T18:26+00:002008-07-16T18:26+00:002008-07-16T18:26+00:00More on DNS Cache Poisoning and Network Address Translation
http://blogs.iss.net/archive/morednsnat.html
This blog post is a followup to an earlier note I posted about the effect of different NAT devices on the recent DNS vulnerability patches. A reader named Huzeyfe ONAL wrote in to let me know that he had tested his OpenBSD machine running pf and found that each UDP session seemed to be assigned a different, random port. Several references online seem to confim this. This provides another example of a secure NAT strategy, besides the one employed by Linux.
IBM Internet Security Systemshttp://www.kb.cert.org/vuls/id/8001132008-07-14T19:53-04:002008-07-14T19:53-04:002008-07-14T19:53-04:00DNS cache poisoning
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:06.bind.asc
The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.
FreeBSDFreeBSD-SA-08:06.bindhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-13T19:10+00:002008-07-13T19:10+00:002008-07-13T19:10+00:00(UPDATED) DNS Cache Poisoning and Network Address Translation
http://blogs.iss.net/archive/dnsnat.html
On July 8th a number of DNS software vendors published security updates which improve the randomness of UDP source port assignments to protect against DNS Cache Poisoning. The following day someone called imipack posted an interesting observation to the Full Disclosure mailing list. He noticed that the UDP source ports for DNS transactions coming from a patched server were still sequential when placed behind a firewall performing Network Address Translation.
IBM Internet Security Systemshttp://www.kb.cert.org/vuls/id/8001132008-07-10T18:56-04:002008-07-10T18:56-04:002008-07-10T18:56-04:00DNS and Checkpoint
http://archives.neohapsis.com/archives/fulldisclosure/2008-07/0103.html
I've had a report from someone with clue (and tcpdump) that a properly functioning DNS resolver that correctly uses randomised source ports magically becomes vulnerable once the traffic's passed through a Checkpoint firewall.
Full-disclosurehttp://www.kb.cert.org/vuls/id/8001132008-07-09T09:00-05:002008-07-09T09:00-05:002008-07-09T09:00-05:00Cache-Poisoning Vulnerability In Multiple DNS Servers
http://www.jpcert.or.jp/at/2008/at080013.txt
JPCERT/CCJPCERT-AT-2008-0013http://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-09T04:35+00:002008-07-09T04:35+00:002008-07-09T04:35+00:00Multiple Vendors DNS Spoofing Vulnerability (Version: 4)
http://isc.sans.org/diary.html?storyid=4687
Overview of the July 2008 Microsoft patches and their status.
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA08-190B.htmlhttp://www.kb.cert.org/vuls/id/800113http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-14472008-07-08T23:09+00:002008-07-08T23:09+00:002008-07-08T23:09+00:00Microsoft Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA08-190B.html
Via US-CERT Mailing List
US-CERTTA08-190Bhttp://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-08T16:49-04:002008-07-08T16:49-04:002008-07-08T16:49-04:00Microsoft Security Bulletin Summary for July 2008
http://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx
Included in this advisory are updates for newly discovered vulnerabilities.
MicrosoftMS08-JULhttp://www.microsoft.com/technet/security/bulletin/ms08-037.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-038.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-039.mspxhttp://www.microsoft.com/technet/security/bulletin/ms08-040.mspx2008-07-08T16:08-04:002008-07-08T16:08-04:002008-07-08T16:08-04:00DNS Implementations Vulnerable to Cache Poisoning
http://www.us-cert.gov/current/archive/2008/07/08/archive.html#dns_implementations_vulnerable_to_cache
US-CERT Current Activity
US-CERT is aware of deficiencies in the DNS protocol. Implementations of this protocol may leave the affected system vulnerable to DNS cache poisoning attacks. If an attacker can successfully conduct a cache poisoning attack, they may be able to cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services. This may allow an attacker to obtain sensitive information or mislead users into believing they are visiting a legitimate website.
US-CERThttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-08T15:37-04:002008-07-08T15:37-04:002008-07-08T15:37-04:00Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml
Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.
Ciscocisco-sa-20080708-dnshttp://www.us-cert.gov/cas/techalerts/TA08-190B.html2008-07-08T18:00+00:002008-07-08T18:00+00:002008-07-08T18:00+00:00ISC BIND patch release
ftp://ftp.isc.org/isc/bind9/9.5.1b1/9.5.1b1
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-08T06:10+00:002008-07-08T06:10+00:002008-07-08T06:10+00:00ISC acts quickly to shield BIND user base
http://www.isc.org/about/press/?pr=2008070800
Internet Systems Consortium (ISC) released several fixes for BIND9 in response to the United States Computer Emergency Readiness Team (US-CERT) Vulnerability notice number 800113 regarding a DNS Cache Poisoning Issue. The basis for the vulnerability is inherent in the DNS protocol and not a flaw specific to BIND9, the leading software implementation of the DNS protocol written and distributed by ISC.
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-082008-07-082008-07-08bind-9.5.1b1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.1b1/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-04T05:56+00:002008-07-04T05:56+00:002008-07-04T05:56+00:00bind-9.4.3b2.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3b2/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-07-04T05:55+00:002008-07-04T05:55+00:002008-07-04T05:55+00:00bind-9.3.5-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.3.5-P1/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-05-28T22:54+00:002008-05-28T22:54+00:002008-05-28T22:54+00:00bind-9.5.0-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.0-P1/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-05-28T21:03+00:002008-05-28T21:03+00:002008-05-28T21:03+00:00bind-9.4.2-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.2-P1/
ISC BIND patch
Internet Systems Consortium (ISC)http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447http://www.kb.cert.org/vuls/id/8001132008-05-28T19:40+00:002008-05-28T19:40+00:002008-05-28T19:40+00:00