Computer Security
[EN] securityvulns.ru no-pyccku


bind DNS server cache poisoning
updated since 01.12.2009
Published:17.03.2010
Source:
SecurityVulns ID:10431
Type:remote
Threat Level:
5/10
Description:It's possible to inject cache record during DNSSEC request processing.
Affected:BIND : bind 9.4
 BIND : bind 9.5
 ISC : bind 9.6
 ISC : bind 9.7
CVE:CVE-2010-0382 (ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.)
 CVE-2010-0290 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.)
 CVE-2009-4022 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.)
Original documentdocumentRPATH, rPSA-2010-0018-1 bind bind-utils caching-nameserver (17.03.2010)
 documentMANDRIVA, [ MDVSA-2010:021 ] bind (21.01.2010)
 documentMANDRIVA, [ MDVSA-2009:304 ] bind (01.12.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod