
[Fedora] Vulnerability in the ISC BIND server before version 9.4.1-7.P1 - FEDORA-2007-1247



Dear colleagues,
we have just received the following Fedora Security Advisory. We are
passing this information on to you unchanged.

CVE-2007-2925 - Vulnerability in the ACL settings of the ISC BIND
server

  The access control lists in the ISC BIND server are configured
  insecurely. This allows a remote attacker to send recursive queries
  to the server or to read data from the cache, and thus possibly to
  obtain sensitive data, or it facilitates subsequent attacks.

CVE-2007-2926 - Vulnerability in the ISC BIND server

  The ISC BIND server generates the IDs of DNS queries in a
  cryptographically insecure way, so that the ID of the next query can
  be guessed from the history. Only outgoing queries are affected, when
  BIND is used as a resolver or when the results of the queries are
  used for internal purposes (for example in NOTIFY messages to slave
  name servers). A remote attacker can exploit this vulnerability to
  forge the results of DNS queries (DNS cache poisoning).

The following software packages and platforms are affected:

  Package bind

  Fedora 7

The vendor provides revised packages.

Vendor advisory:
  https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00455.html


(c) of the German summary held by DFN-CERT Services GmbH; distribution,
including in excerpts, is permitted only with attribution to the
author, DFN-CERT Services GmbH, and only for non-commercial purposes.

Kind regards,
	Jan Kohlrausch
-- 
Jan Kohlrausch (CSIRT), Phone +49 40 808077-555

DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Registered office / register: Hamburg, AG Hamburg, HRB 88805, VAT ID no.: DE 232129737


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-1247
2007-07-24 22:15:28.360859
--------------------------------------------------------------------------------

Name        : bind
Product     : Fedora 7
Version     : 9.4.1
Release     : 7.P1.fc7
Summary     : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server.
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

--------------------------------------------------------------------------------
Update Information:

- CVE-2007-2925 - allow-query-cache/allow-recursion default acls not set
  - workaround - disable recursion or explicitly set allow-query-cache and allow-recursion acls

- CVE-2007-2926 - cryptographically weak query id generator
  - 1 in 8 chance of guessing the next query id for 50% of the query ids
  - allows cache-poisoning type of attack, no workaround, affect only outgoing queries
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 24 2007 Adam Tkac <atkac redhat com> 31:9.4.1-7.P1.fc7
- updated to latest upstream (contains fixes for CVE-2007-2925 and
  CVE-2007-2926)
* Thu Jun 21 2007 Adam Tkac <atkac redhat com> 31:9.4.1-6.1.fc7
- minor changes in caching-nameserver configuration
* Mon Jun 18 2007 Adam Tkac <atkac redhat com> 31:9.4.1-6.fc7
- major changes in default caching-nameserver configuration (configuration
  could now honor RFCs, #243565)
* Tue Jun  5 2007 Adam Tkac <atkac redhat com> 31:9.4.1-5.fc7
- added /var/named/dynamic directory. This directory is primary designed
  for dynamic DNS zones. In future releases named could write only into
  dynamic, data and slaves directories
* Thu May 24 2007 Adam Tkac <atkac redhat com> 31:9.4.1-4.fc7
- start using deprecated ldap API
- fix minor bug in bind-chroot-admin (#241103)
* Tue May 15 2007 Adam Tkac <atkac redhat com> 31:9.4.1-3.fc7
- fixed bind-chroot-admin dynamic DNS handling (#239149)
- rewrited ldap backend to latest API (#239802)
- updated zone-freeze patch to latest upstream
* Mon May  7 2007 Adam Tkac <atkac redhat com> 31:9.4.1-2.fc7
- test build on new build system
* Wed May  2 2007 Adam Tkac <atkac redhat com> 31:9.4.1-1.fc7
- updated to 9.4.1 which contains fix to CVE-2007-2241
* Fri Apr 27 2007 Adam Tkac <atkac redhat com> 31:9.4.0-8.fc7
- improved "zone freeze patch" - if multiple zone with same name exists
  no zone is freezed
- minor cleanup in caching-nameserver's config file
- fixed race-condition in dbus code (#235809)
- added forgotten restorecon statement in bind-chroot-admin
* Tue Apr 17 2007 Adam Tkac <atkac redhat com> 31:9.4.0-7.fc7
- removed DEBUGINFO option because with this option (default) was bind
  builded with -O0 and without this flag no debuginfo package was produced.
  (I want faster bind => -O2 + debuginfo)
- fixed zone finding (#236426)
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-2925
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
  [ 2 ] CVE-2007-2926
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
--------------------------------------------------------------------------------
Updated packages:


This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
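
An added example, not part of the advisory and not Fedora's or ISC's code: a small Python audit for the CVE-2007-2925 workaround that reports which of allow-recursion and allow-query-cache are missing from the global options block while recursion is enabled. The sample configurations, the ACL name trusted and the function names are constructed for illustration; it assumes BIND's default of recursion enabled and inspects only the global options block, not view statements.

```python
import re

# Constructed sample configurations (not taken from the advisory).
WEAK_CONF = """
options {
    directory "/var/named";
    // recursion is on by default and no ACLs are set
};
"""
FIXED_CONF = """
acl trusted { 127.0.0.1; 192.0.2.0/24; };   # hypothetical ACL name
options {
    directory "/var/named";
    recursion yes;
    allow-recursion { trusted; };
    allow-query-cache { trusted; };
};
"""
NO_RECURSION_CONF = "options { recursion no; };"

def strip_comments(text):
    """Drop /* */, // and # comments (quoted strings are not special-cased)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def options_block(text):
    """Return the body of the global options { ... } statement, or ''."""
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def missing_acls(conf):
    """List the ACL options the workaround asks for that are not set."""
    opts = options_block(strip_comments(conf))
    rec = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", opts)
    # Assumption: BIND treats recursion as enabled when it is not stated.
    if rec and rec.group(1).lower() in ("no", "false", "0"):
        return []          # first workaround: recursion disabled
    return [name for name in ("allow-recursion", "allow-query-cache")
            if not re.search(r"(?<![\w-])" + name + r"\s*\{", opts)]

if __name__ == "__main__":
    for label, conf in [("weak", WEAK_CONF), ("fixed", FIXED_CONF)]:
        print(label, missing_acls(conf) or "ok")
```

An empty list means one of the two workarounds is in place; it does not show that the package itself has been updated.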