Slackware Linux ProjectSSA-2008-191-02[slackware-security] bind
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, and -current to address a security problem.
More details may be found at the following links:
http://www.isc.org/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/800113
https://vulners.com/cve/CVE-2008-1447
Here are the details from the Slackware 12.1 ChangeLog:
patches/packages/bind-9.4.2_P1-i486-1_slack12.1.tgz:
Upgraded to bind-9.4.2-P1.
This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
Poisoning Issue. This is the summary of the problem from the BIND site:
“A weakness in the DNS protocol may enable the poisoning of caching
recurive resolvers with spoofed data. DNSSEC is the only full solution.
New versions of BIND provide increased resilience to the attack.”
It is suggested that sites that run BIND upgrade to one of the new packages
in order to reduce their exposure to DNS cache poisoning attacks.
For more information, see:
http://www.isc.org/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/800113
https://vulners.com/cve/CVE-2008-1447
(* Security fix *)
Where to find the new packages:
HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)
Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.3.5_P1-i386-1_slack8.1.tgz
Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.3.5_P1-i386-1_slack9.0.tgz
Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.3.5_P1-i486-1_slack9.1.tgz
Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.3.5_P1-i486-1_slack10.0.tgz
Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.3.5_P1-i486-1_slack10.1.tgz
Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.3.5_P1-i486-1_slack10.2.tgz
Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.3.5_P1-i486-1_slack11.0.tgz
Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4.2_P1-i486-1_slack12.0.tgz
Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4.2_P1-i486-1_slack12.1.tgz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.4.2_P1-i486-1.tgz
MD5 signatures:
Slackware 8.1 package:
c693e1ae4997c7cc23c0051ec1c90796 bind-9.3.5_P1-i386-1_slack8.1.tgz
Slackware 9.0 package:
24326f563c6588a0541f3409bc7298cd bind-9.3.5_P1-i386-1_slack9.0.tgz
Slackware 9.1 package:
67178dd97006cf4cf3543704c82741b8 bind-9.3.5_P1-i486-1_slack9.1.tgz
Slackware 10.0 package:
a12c9e8304c5a7e285fa4df7d4b9756b bind-9.3.5_P1-i486-1_slack10.0.tgz
Slackware 10.1 package:
6209e4a5f9693451279b0d02795b9bd8 bind-9.3.5_P1-i486-1_slack10.1.tgz
Slackware 10.2 package:
e1c6d74c787fa3b7f3a5905fef206206 bind-9.3.5_P1-i486-1_slack10.2.tgz
Slackware 11.0 package:
d354a0118388bb0f3fd32fa79166746a bind-9.3.5_P1-i486-1_slack11.0.tgz
Slackware 12.0 package:
5b1087e6a0dc79ebf06144f44d5bb52f bind-9.4.2_P1-i486-1_slack12.0.tgz
Slackware 12.1 package:
da76550505d62f0d902b710a078d1020 bind-9.4.2_P1-i486-1_slack12.1.tgz
Slackware -current package:
c255530e46f4cff8080a20b6c8d12443 bind-9.4.2_P1-i486-1.tgz
Installation instructions:
Upgrade the package as root:
> upgradepkg bind-9.4.2_P1-i486-1_slack12.1.tgz
Then, restart the nameserver:
> /etc/rc.d/rc.bind restart
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Slackware | 8.1 | i386 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i386-1_slack8.1.tgz |
| Slackware | 9.0 | i386 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i386-1_slack9.0.tgz |
| Slackware | 9.1 | i486 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i486-1_slack9.1.tgz |
| Slackware | 10.0 | i486 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i486-1_slack10.0.tgz |
| Slackware | 10.1 | i486 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i486-1_slack10.1.tgz |
| Slackware | 10.2 | i486 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i486-1_slack10.2.tgz |
| Slackware | 11.0 | i486 | bind | < 9.3.5_P1 | bind-9.3.5_P1-i486-1_slack11.0.tgz |
| Slackware | 12.0 | i486 | bind | < 9.4.2_P1 | bind-9.4.2_P1-i486-1_slack12.0.tgz |
| Slackware | 12.1 | i486 | bind | < 9.4.2_P1 | bind-9.4.2_P1-i486-1_slack12.1.tgz |
| Slackware | current | i486 | bind | < 9.4.2_P1 | bind-9.4.2_P1-i486-1.tgz |
Related
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%