Security Alert: <Fedora Project> : Response Requested

Ernest Park ernest.park at palamida.com
Thu Jul 17 01:33:22 UTC 2008


      *Attention <Security Response Team>:*

 Our research shows that your project may be using BIND, and may be impacted
by the vulnerabilities identified below.

Can you please provide a response regarding the impact of the BIND
vulnerabilities on *<Fedora Project>*? If you have a resolution, or feel
that you are using an unaffected version of BIND, please confirm such.
Palamida's Research Group will report this issue within 24hrs. Your
information will be used to update information reported to US-CERT, NVD and
Palamida's data library regarding this vulnerability within *<Fedora
Project>*.


    1. What version of BIND is used?
      2. What is patch or resolution proposed?


*The project <Fedora Project> may be affected by the following software
vulnerabilities reported by US-Cert and NVD.*

 *Security Issue*: Project *<Fedora Project>* is suspected of using BIND.
Versions other than *9.3.5-P1*, *9.4.3b2*, *9.5.0-P1*, *9.5.1b1, all
released July 2008,* are considered potentially vulnerable to a number of
identified exploits.

*Recommendation*:(from maintainer ISC) *"ISC has discovered or has been
notified of several bugs which can result in vulnerabilities of varying
levels of severity in BIND as distributed by ISC. Upgrading to the latest
BIND version is strongly recommended."*

*Project*: *<Fedora Project>*
*Project URL*:   http://fedoraproject.org/
*Last Updated Date*: *04/16/08*
*Current Release*: 9


Please feel free to contact me immediately.


With Regards,

Ernest Park
VP, Research Group
Palamida, Inc.
http://palamida.com
http://gpl3.blogspot.com
203-856-7778

******************************************************************************************************************************************************************************************

Vulnerability version matrix (
http://www.isc.org/index.pl?/sw/bind/bind-security.php):

  # CVE number short description 0
1999-0833<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0833>
Buffer
overflow via NXT records. 1
1999-0835<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0835>
Denial
of service via malformed SIG records. 2
1999-0837<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0837>
Denial
of service by improperly closing TCP sessions via so_linger. 3
1999-0848<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0848>
Denial
of service named via consuming more than "fdmax" file descriptors. 4
1999-0849 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0849> Denial
of service via maxdname. 5
1999-0851<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0851>
Denial
of service via naptr. 6
2000-0887<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0887>
Denial
of service by compressed zone transfer (ZXFR) request. 7
2000-0888<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0888>
Denial
of service via SRV record. 8
2001-0010<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0010>
Buffer
overflow in TSIG code allows root privileges. 9
2001-0011<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0011>
Buffer
overflow in nslookupComplain allows root privileges. 10
2001-0012<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0012>
Ability
to access sensitive information such as environment variables. 11
2001-0013<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0013>
Format
string vulnerability in nslookupComplain allows root privileges. 12
2002-0029 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0029> Buffer
overflows in resolver library allows execution of arbitrary code. 13
2002-0400 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0400> Denial
of service via malformed DNS packet. 14
2002-0651<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0651>
Buffer
overflow in resolver code may cause a DoS and arbitrary code execution. 15
2002-1220 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1220> Denial
of service via request for nonexistent subdomain using large OPT RR. 16
2002-1221 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1221> Denial
of service via SIG RR elements with invalid expiry times. 17
2003-0914<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0914>
Cache
poisoning via negative responses with a large TTL value. 18
2005-0033<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0033>
Buffer
overflow in recursion and glue code allows denial of service. 19
2005-0034<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0034>
Denial
of service via crafted DNS packets causing internal self-check to fail. 20
2006-4095 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095> Denial
of service via certain SIG queries that return multiple RRsets. 21
2006-4096<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096>
Denial
of service via a flood of recursive queries causing INSIST failure. 22
2007-0493 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493> Denial
of service via unspecified vectors that cause named to "dereference a freed
fetch context." 23
2007-0494<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494>
Denial
of service via ANY query response containing multiple RRsets. 24
2007-2241<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2241>
Sequence
of queries can cause a recursive nameserver to exit. 25
2007-2925<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925>
allow-query-cache/allow-recursion
default acls not set. 26
2007-2926<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926>
cryptographically
weak query ids 27
2007-2930<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2930>
cryptographically
weak query ids (BIND 8) 28
2008-0122<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122>
inet_network()
off-by-one buffer overflow 29
2008-1447<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447>
DNS
cache poisoning issue
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-websites-list/attachments/20080716/381a9893/attachment.htm>


More information about the Fedora-websites-list mailing list