-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0160 -- [RedHat]
                      Moderate: bind security update
                               15 March 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              bind
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
Impact:               Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-0494 CVE-2007-0493

Ref:                  ESB-2007.0050

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0057.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: bind security update
Advisory ID:       RHSA-2007:0057-02
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0057.html
Issue date:        2007-03-14
Updated on:        2007-03-14
Product:           Red Hat Enterprise Linux
Keywords:          named bind dnssec
CVE Names:         CVE-2007-0493 CVE-2007-0494 
- - ---------------------------------------------------------------------

1. Summary:

Updated bind packages that fix a security issue and a bug are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.  

A flaw was found in the way BIND processed certain DNS query responses. On
servers that had enabled DNSSEC validation, this could allow a remote
attacker to cause a denial of service. (CVE-2007-0494)

A use-after-free flaw was found in BIND. On servers that have recursion
enabled, this could allow a remote attacker to cause a denial of service. 
(CVE-2007-0493)

Users of BIND are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188


5. Bug IDs fixed (http://bugzilla.redhat.com/):

224445 - CVE-2007-0493 BIND might crash after attempting to read free()-ed memory
225229 - CVE-2007-0494 BIND dnssec denial of service

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.3-8.el5.src.rpm
061e9150a2729ef73db3f42224f9ec4a  bind-9.3.3-8.el5.src.rpm

i386:
d1b235753f0a30bf50c686b8889bdabb  bind-9.3.3-8.el5.i386.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
0c9077d8950b18efe21714dded6c94c0  bind-libs-9.3.3-8.el5.i386.rpm
5b6f33360d14530cedaabfeb018772af  bind-sdb-9.3.3-8.el5.i386.rpm
9b7d14e4e7247d26b4ab1c670c295f8c  bind-utils-9.3.3-8.el5.i386.rpm

x86_64:
4d22697b70add12f9c124cc8cf286859  bind-9.3.3-8.el5.x86_64.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
7d2051147d67e045e464b988ef78b001  bind-debuginfo-9.3.3-8.el5.x86_64.rpm
0c9077d8950b18efe21714dded6c94c0  bind-libs-9.3.3-8.el5.i386.rpm
dafc0a981792ee6504a665a0cd529d01  bind-libs-9.3.3-8.el5.x86_64.rpm
c05f0ec51d2439f4dd8f27b21bdbfe4f  bind-sdb-9.3.3-8.el5.x86_64.rpm
7251b73070a92dc90be41b0372000f61  bind-utils-9.3.3-8.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.3-8.el5.src.rpm
061e9150a2729ef73db3f42224f9ec4a  bind-9.3.3-8.el5.src.rpm

i386:
3a8443e9f2da36135da2a8c002e9a571  bind-chroot-9.3.3-8.el5.i386.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
2560fb157737b50781f0000b24fed60c  bind-devel-9.3.3-8.el5.i386.rpm
7103ae91f3663539a16a2a38152aa92a  bind-libbind-devel-9.3.3-8.el5.i386.rpm
ed3a96d19f0668ded01e63d6b422e3d2  caching-nameserver-9.3.3-8.el5.i386.rpm

x86_64:
1600c5327978f14cff4e3d6c723cd56e  bind-chroot-9.3.3-8.el5.x86_64.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
7d2051147d67e045e464b988ef78b001  bind-debuginfo-9.3.3-8.el5.x86_64.rpm
2560fb157737b50781f0000b24fed60c  bind-devel-9.3.3-8.el5.i386.rpm
614c450db2303add7d716f9598ee4b9b  bind-devel-9.3.3-8.el5.x86_64.rpm
7103ae91f3663539a16a2a38152aa92a  bind-libbind-devel-9.3.3-8.el5.i386.rpm
07eb939ce9b72a601a11edd744234499  bind-libbind-devel-9.3.3-8.el5.x86_64.rpm
13fcf98bf097c8f5066941527658422b  caching-nameserver-9.3.3-8.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind-9.3.3-8.el5.src.rpm
061e9150a2729ef73db3f42224f9ec4a  bind-9.3.3-8.el5.src.rpm

i386:
d1b235753f0a30bf50c686b8889bdabb  bind-9.3.3-8.el5.i386.rpm
3a8443e9f2da36135da2a8c002e9a571  bind-chroot-9.3.3-8.el5.i386.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
2560fb157737b50781f0000b24fed60c  bind-devel-9.3.3-8.el5.i386.rpm
7103ae91f3663539a16a2a38152aa92a  bind-libbind-devel-9.3.3-8.el5.i386.rpm
0c9077d8950b18efe21714dded6c94c0  bind-libs-9.3.3-8.el5.i386.rpm
5b6f33360d14530cedaabfeb018772af  bind-sdb-9.3.3-8.el5.i386.rpm
9b7d14e4e7247d26b4ab1c670c295f8c  bind-utils-9.3.3-8.el5.i386.rpm
ed3a96d19f0668ded01e63d6b422e3d2  caching-nameserver-9.3.3-8.el5.i386.rpm

ia64:
08f4fd9cbb47d965af28da56ccd26eca  bind-9.3.3-8.el5.ia64.rpm
7411dc9f8cd53f8856d4b9c2fdf067ca  bind-chroot-9.3.3-8.el5.ia64.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
8c5efae65c85cd53878166066b9c5cc9  bind-debuginfo-9.3.3-8.el5.ia64.rpm
1d16d639b459fe2b2a9dbb306407cdea  bind-devel-9.3.3-8.el5.ia64.rpm
881a976fd60622c832e5b765e3a8729a  bind-libbind-devel-9.3.3-8.el5.ia64.rpm
0c9077d8950b18efe21714dded6c94c0  bind-libs-9.3.3-8.el5.i386.rpm
fda8d77c60383c569e4eb17f6b066c58  bind-libs-9.3.3-8.el5.ia64.rpm
b9c03a97fc999979339c7d5c4f1ca697  bind-sdb-9.3.3-8.el5.ia64.rpm
cdbd214f638e98281402a5691883896f  bind-utils-9.3.3-8.el5.ia64.rpm
85f4480c97389bdb422e2e5431830dd3  caching-nameserver-9.3.3-8.el5.ia64.rpm

ppc:
97eb06f5f63d9b1dd8d8ef041a877632  bind-9.3.3-8.el5.ppc.rpm
a865dd4b52d40727d7ced7146942d088  bind-chroot-9.3.3-8.el5.ppc.rpm
2b89b5609242826517643b6289b8a09e  bind-debuginfo-9.3.3-8.el5.ppc.rpm
47ca706022444136bef013b249dd32e1  bind-debuginfo-9.3.3-8.el5.ppc64.rpm
807d87da920d8767cd7be81ec9b23321  bind-devel-9.3.3-8.el5.ppc.rpm
e2e769b4315e07e7195806a9c005cffe  bind-devel-9.3.3-8.el5.ppc64.rpm
4ecaa16632585f2216d63021586e48a7  bind-libbind-devel-9.3.3-8.el5.ppc.rpm
4e678e537581aa6b6a74d364d74f69d4  bind-libbind-devel-9.3.3-8.el5.ppc64.rpm
dec1559e9bb45aa632847eb6ddc934a9  bind-libs-9.3.3-8.el5.ppc.rpm
6b22f1a2277a9667bb20ab80cdb8483f  bind-libs-9.3.3-8.el5.ppc64.rpm
55d0288209e14a9bede395a24d0e93ac  bind-sdb-9.3.3-8.el5.ppc.rpm
b13aae75cb909caaf8a8a23ded7e8041  bind-utils-9.3.3-8.el5.ppc.rpm
f0b76f1c2623f5fc385d4f12ef466550  caching-nameserver-9.3.3-8.el5.ppc.rpm

s390x:
c26913a7906a9c810ab21adfbf0f811f  bind-9.3.3-8.el5.s390x.rpm
db3adf531b274576542b2a974d467742  bind-chroot-9.3.3-8.el5.s390x.rpm
cac132d3282b90e6b28965fa84c6553e  bind-debuginfo-9.3.3-8.el5.s390.rpm
6f5b92db72685d3af1151a1fef462c86  bind-debuginfo-9.3.3-8.el5.s390x.rpm
74fb9b7fdbe7ed9642e326f39b9e64ba  bind-devel-9.3.3-8.el5.s390.rpm
ffa2fd4199b49d1ad2860d775cc8981c  bind-devel-9.3.3-8.el5.s390x.rpm
a023669dd68fca0a1f328eaf0edb5688  bind-libbind-devel-9.3.3-8.el5.s390.rpm
cd44c6c7d65036db055bdb184e98ecb7  bind-libbind-devel-9.3.3-8.el5.s390x.rpm
14ab6cea9014c1b219360ea63b878012  bind-libs-9.3.3-8.el5.s390.rpm
1c4675bdd52331f7f89b0b3a92cb3ce2  bind-libs-9.3.3-8.el5.s390x.rpm
f434705fdaa4918f9957391518a30f02  bind-sdb-9.3.3-8.el5.s390x.rpm
db6d7c3622e1306bc816352ca06ddbc2  bind-utils-9.3.3-8.el5.s390x.rpm
52aa7545a263150a525a44f0389d2205  caching-nameserver-9.3.3-8.el5.s390x.rpm

x86_64:
4d22697b70add12f9c124cc8cf286859  bind-9.3.3-8.el5.x86_64.rpm
1600c5327978f14cff4e3d6c723cd56e  bind-chroot-9.3.3-8.el5.x86_64.rpm
151c1d0c78cbbbab36737e944f175450  bind-debuginfo-9.3.3-8.el5.i386.rpm
7d2051147d67e045e464b988ef78b001  bind-debuginfo-9.3.3-8.el5.x86_64.rpm
2560fb157737b50781f0000b24fed60c  bind-devel-9.3.3-8.el5.i386.rpm
614c450db2303add7d716f9598ee4b9b  bind-devel-9.3.3-8.el5.x86_64.rpm
7103ae91f3663539a16a2a38152aa92a  bind-libbind-devel-9.3.3-8.el5.i386.rpm
07eb939ce9b72a601a11edd744234499  bind-libbind-devel-9.3.3-8.el5.x86_64.rpm
0c9077d8950b18efe21714dded6c94c0  bind-libs-9.3.3-8.el5.i386.rpm
dafc0a981792ee6504a665a0cd529d01  bind-libs-9.3.3-8.el5.x86_64.rpm
c05f0ec51d2439f4dd8f27b21bdbfe4f  bind-sdb-9.3.3-8.el5.x86_64.rpm
7251b73070a92dc90be41b0372000f61  bind-utils-9.3.3-8.el5.x86_64.rpm
13fcf98bf097c8f5066941527658422b  caching-nameserver-9.3.3-8.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
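Two checks a practitioner typically wants after reading an advisory like this one: whether the installed bind is older than the fixed version-release (9.3.3-8.el5), and whether downloaded packages match the MD5 checksums listed in section 6. The script below is an added example and is not Red Hat's or AusCERT's code. It assumes a simplified reimplementation of RPM's rpmvercmp ordering (alternating numeric and alphabetic segments, no "~" or "^" handling), a hypothetical directory of downloaded RPMs, and an excerpt of checksum lines copied from the i386 list above.

```python
import hashlib
import re
from pathlib import Path

# Fixed version-release from the advisory above.
FIXED_BIND = "9.3.3-8.el5"

# Excerpt of advisory-format checksum lines ("<md5>  <filename>"),
# copied from the "RPMs required" section of the advisory.
ADVISORY_MD5_LINES = """
d1b235753f0a30bf50c686b8889bdabb  bind-9.3.3-8.el5.i386.rpm
0c9077d8950b18efe21714dded6c94c0  bind-libs-9.3.3-8.el5.i386.rpm
"""

_MD5_LINE = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")


def parse_md5_list(text):
    """Return {filename: md5} from advisory-style checksum lines; other lines are ignored."""
    expected = {}
    for line in text.splitlines():
        m = _MD5_LINE.match(line.strip())
        if m:
            expected[m.group(2)] = m.group(1)
    return expected


def md5_of(path):
    """Hex MD5 of a file, read in chunks so large RPMs are not loaded at once."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_downloads(directory, expected):
    """Compare each expected file in `directory` (assumed download location)
    against its advisory MD5. Returns {filename: 'ok' | 'mismatch' | 'missing'}."""
    results = {}
    for name, digest in expected.items():
        p = Path(directory) / name
        if not p.is_file():
            results[name] = "missing"
        elif md5_of(p) == digest:
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


_SEG = re.compile(r"[0-9]+|[a-zA-Z]+")


def rpmvercmp(a, b):
    """Simplified reimplementation of RPM's rpmvercmp (assumption: no ~ or ^ handling).
    Splits both strings into numeric/alpha segments; numeric segments compare as
    integers, alpha segments lexically, and a numeric segment beats an alpha one.
    Returns -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) != len(sb):
        return 1 if len(sa) > len(sb) else -1
    return 0


def vr_cmp(installed, fixed):
    """Compare two 'version-release' strings; negative means installed is older."""
    iv, ir = installed.rsplit("-", 1)
    fv, fr = fixed.rsplit("-", 1)
    return rpmvercmp(iv, fv) or rpmvercmp(ir, fr)


def needs_update(installed_vr, fixed_vr=FIXED_BIND):
    """True when the installed version-release predates the advisory's fix."""
    return vr_cmp(installed_vr, fixed_vr) < 0


if __name__ == "__main__":
    # Installed value would normally come from:
    #   rpm -q --qf '%{VERSION}-%{RELEASE}\n' bind
    for installed in ("9.3.3-7.el5", "9.3.3-8.el5", "9.3.3-10.el5"):
        print(installed, "needs update" if needs_update(installed) else "fixed")
    print(verify_downloads("/tmp/rpm-downloads", parse_md5_list(ADVISORY_MD5_LINES)))
```

The checksum comparison only confirms that a download matches the advisory text; the authoritative check on a Red Hat package is the GPG signature, which `rpm -K <file>.rpm` verifies against the imported Red Hat key referenced above. Note that `bind-debuginfo` and `bind-libs` i386 packages appear in the x86_64 lists as well, so the same filename and hash legitimately recur across architectures.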

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFF+BVGXlSAg2UNWIIRAuIxAKCMnf6jiIfPvxOsugLHs8czNlSU5wCdHjrm
x2Mc5FuJu9iEp9GLtk9nf/o=
=85O7
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRfiNFCh9+71yA2DNAQIkHwP+NYOo0H6Kv1Vb7oWPOfDEMx6HgyafKUXO
68fMwWQQ7lzMWXeOkQbGTUtIN1byaEkp6lNfCgrF3WcHgLPTUv30Z7wJBWXybZQI
RfllzFtJnT4FChB7JvURHl/tVUmMus28H1R0ag2+yrLiq7Lxr3eTyXS5D63/3EQ4
xICk0pNe0YY=
=bt0h
-----END PGP SIGNATURE-----