-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2007.0160 -- [RedHat]
Moderate: bind security update
15 March 2007

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              bind
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
Impact:               Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-0494 CVE-2007-0493

Ref:                  ESB-2007.0050

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0057.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis:          Moderate: bind security update
Advisory ID:       RHSA-2007:0057-02
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0057.html
Issue date:        2007-03-14
Updated on:        2007-03-14
Product:           Red Hat Enterprise Linux
Keywords:          named bind dnssec
CVE Names:         CVE-2007-0493 CVE-2007-0494
- - ---------------------------------------------------------------------

1. Summary:

Updated bind packages that fix a security issue and a bug are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.

A flaw was found in the way BIND processed certain DNS query responses. On
servers that had enabled DNSSEC validation, this could allow a remote
attacker to cause a denial of service. (CVE-2007-0494)

A use-after-free flaw was found in BIND. On servers that have recursion
enabled, this could allow a remote attacker to cause a denial of service.
(CVE-2007-0493)

Users of BIND are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

224445 - CVE-2007-0493 BIND might crash after attempting to read free()-ed memory
225229 - CVE-2007-0494 BIND dnssec denial of service

6. RPMs required:

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFF+BVGXlSAg2UNWIIRAuIxAKCMnf6jiIfPvxOsugLHs8czNlSU5wCdHjrm
x2Mc5FuJu9iEp9GLtk9nf/o=
=85O7
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRfiNFCh9+71yA2DNAQIkHwP+NYOo0H6Kv1Vb7oWPOfDEMx6HgyafKUXO
68fMwWQQ7lzMWXeOkQbGTUtIN1byaEkp6lNfCgrF3WcHgLPTUv30Z7wJBWXybZQI
RfllzFtJnT4FChB7JvURHl/tVUmMus28H1R0ag2+yrLiq7Lxr3eTyXS5D63/3EQ4
xICk0pNe0YY=
=bt0h
-----END PGP SIGNATURE-----
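
An added example, not part of the Red Hat or AusCERT text: it checks a constructed host inventory against the fixed build bind-9.3.3-8.el5 and reports which CVE still applies under the conditions given in the problem description (recursion for CVE-2007-0493, DNSSEC validation for CVE-2007-0494). The host names, the inventory line format, the 7.el5 release and all function names are assumptions; the comparison follows rpm's segment rules without '~' or '^' handling.

```python
import re

# Fixed build named in the advisory (bind-9.3.3-8.el5) and the condition under
# which each CVE is reachable, as stated in its problem description.
FIXED = ("9.3.3", "8.el5")
CONDITIONS = {"CVE-2007-0493": "recursion", "CVE-2007-0494": "dnssec_validation"}

def rpmvercmp(a, b):
    """Compare RPM version or release strings segment by segment."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def is_fixed(version, release):
    """True when version-release is at or above the advisory's fixed build."""
    c = rpmvercmp(version, FIXED[0])
    return c > 0 or (c == 0 and rpmvercmp(release, FIXED[1]) >= 0)

def triage(inventory):
    """Map host -> sorted CVEs that still apply to it."""
    findings = {}
    for line in inventory.strip().splitlines():
        host, version, release, *flags = line.split()
        enabled = {k for k, v in (f.split("=") for f in flags) if v == "yes"}
        hit = sorted(c for c, need in CONDITIONS.items() if need in enabled)
        findings[host] = [] if is_fixed(version, release) else hit
    return findings

# Constructed inventory (hypothetical hosts): host, bind version, bind release,
# then two flags an operator records from each server's named configuration.
SAMPLE = """
ns1 9.3.3 7.el5 recursion=yes dnssec_validation=no
ns2 9.3.3 8.el5 recursion=yes dnssec_validation=yes
ns3 9.3.3 7.el5 recursion=no dnssec_validation=yes
ns4 9.3.3 7.el5 recursion=yes dnssec_validation=yes
auth1 9.3.3 7.el5 recursion=no dnssec_validation=no
"""

if __name__ == "__main__":
    for host, cves in triage(SAMPLE).items():
        print(host, ", ".join(cves) or "fixed build or neither condition present")
```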