RHSA-2009:1179

Executive Summary

Summary
Title	bind security update

Informations
Name	RHSA-2009:1179	First vendor Publication	2009-07-29
Vendor	RedHat	Last vendor Modification	2009-07-29
Severity (Vendor)	Important	Revision	02

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated bind packages that fix a security issue are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

[Updated 29th July 2009]
The packages in this erratum have been updated to also correct this issue
in the bind-sdb package.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

A flaw was found in the way BIND handles dynamic update message packets
containing the "ANY" record type. A remote attacker could use this flaw to
send a specially-crafted dynamic update packet that could cause named to
exit with an assertion failure. (CVE-2009-0696)

Note: even if named is not configured for dynamic updates, receiving such
a specially-crafted dynamic update packet could still cause named to exit
unexpectedly.

All BIND users are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
update, the BIND daemon (named) will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

514292 - CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2009-1179.html

CWE : Common Weakness Enumeration

id	Name
CWE-16	Configuration

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7806

Oval ID:	oval:org.mitre.oval:def:7806
Title:	VMware BIND vulnerability
Description:	The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0696	Version:	2
Platform(s):	VMWare ESX Server 4	Product(s):
Definition Synopsis:
IF VMWare ESX Server 3.0.3 is installed AND Patch ESX303-201002205-SG is not installed OR VMware ESX Server 3.5.0 is installed AND Patch ESX350-201002404-SG is not installed OR VMware ESX Server 4.0 is installed AND Patch ESX400-200911237-SG is not installed

Definition Id: oval:org.mitre.oval:def:12245

Oval ID:	oval:org.mitre.oval:def:12245
Title:	HP-UX Running BIND, Remote Denial of Service (DoS)
Description:	The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0696	Version:	3
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02451 HP Release B.11.23 AND filesets tests InternetSrvcs.INETSVCS-INETD is installed AND InternetSrvcs.INETSVCS-RUN is installed AND InternetSrvcs.INETSVCS2-RUN is installed AND NOT Patch PHNE_40339 is installed OR Criteria meets HP Security Bulletin HPSBUX02451 HP Release B.11.11 AND BINDv920.INETSVCS-BIND version is less than B.11.11.01.014 OR Criteria meets HP Security Bulletin HPSBUX02451 HP Release B.11.23 AND filesets tests BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.7.0 AND BindUpgrade.BIND2-UPGRADE version is less than C.9.3.2.7.0 OR Criteria meets HP Security Bulletin HPSBUX02451 HP Release B.11.11 AND BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.7.0 OR Criteria meets HP Security Bulletin HPSBUX02451 HP-UX B.11.31 AND filesets tests NameService.BIND-AUX version is less than C.9.3.2.8.0 AND NameService.BIND-RUN version is less than C.9.3.2.8.0

Definition Id: oval:org.mitre.oval:def:10414

Oval ID:	oval:org.mitre.oval:def:10414
Title:	The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Description:	The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0696	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section bind-utils is earlier than 20:9.2.4-25.el3 AND bind-devel is earlier than 20:9.2.4-25.el3 AND bind-chroot is earlier than 20:9.2.4-25.el3 AND bind is earlier than 20:9.2.4-25.el3 AND bind-libs is earlier than 20:9.2.4-25.el3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section bind-utils is earlier than 20:9.2.4-30.el4_8.4 AND bind-devel is earlier than 20:9.2.4-30.el4_8.4 AND bind-chroot is earlier than 20:9.2.4-30.el4_8.4 AND bind is earlier than 20:9.2.4-30.el4_8.4 AND bind-libs is earlier than 20:9.2.4-30.el4_8.4 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section bind-utils is earlier than 30:9.3.4-10.P1.el5_3.3 AND bind-libbind-devel is earlier than 30:9.3.4-10.P1.el5_3.3 AND bind-devel is earlier than 30:9.3.4-10.P1.el5_3.3 AND bind-chroot is earlier than 30:9.3.4-10.P1.el5_3.3 AND caching-nameserver is earlier than 30:9.3.4-10.P1.el5_3.3 AND bind-sdb is earlier than 30:9.3.4-10.P1.el5_3.3 AND bind is earlier than 30:9.3.4-10.P1.el5_3.3 AND bind-libs is earlier than 30:9.3.4-10.P1.el5_3.3

CPE : Common Platform Enumeration

Type	Description	Count
Application	Isc Bind cpe:/a:isc:bind:9.6.1 cpe:/a:isc:bind:9.6.0b1 cpe:/a:isc:bind:9.6.0a1 cpe:/a:isc:bind:9.6.0:p1 cpe:/a:isc:bind:9.6.0:rc2 cpe:/a:isc:bind:9.6.0:rc1 cpe:/a:isc:bind:9.6.0 cpe:/a:isc:bind:9.5.1b3 cpe:/a:isc:bind:9.5.1b2 cpe:/a:isc:bind:9.5.1b1 cpe:/a:isc:bind:9.5.1 cpe:/a:isc:bind:9.5.1:rc1 cpe:/a:isc:bind:9.5.1:rc2 cpe:/a:isc:bind:9.5.0b3 cpe:/a:isc:bind:9.5.0b2 cpe:/a:isc:bind:9.5.0b1 cpe:/a:isc:bind:9.5.0a7 cpe:/a:isc:bind:9.5.0a6 cpe:/a:isc:bind:9.5.0a5 cpe:/a:isc:bind:9.5.0a4 cpe:/a:isc:bind:9.5.0a3 cpe:/a:isc:bind:9.5.0a2 cpe:/a:isc:bind:9.5.0a1 cpe:/a:isc:bind:9.5.0a1::bind_forum cpe:/a:isc:bind:9.5.0-p2-w2 cpe:/a:isc:bind:9.5.0-p2-w1 cpe:/a:isc:bind:9.5.0-p2-w1:windows cpe:/a:isc:bind:9.5.0-p2 cpe:/a:isc:bind:9.5.0-p1 cpe:/a:isc:bind:9.5.0 cpe:/a:isc:bind:9.5.0:rc1 cpe:/a:isc:bind:9.5 cpe:/a:isc:bind:9.4.3b3 cpe:/a:isc:bind:9.4.3b2 cpe:/a:isc:bind:9.4.3b1 cpe:/a:isc:bind:9.4.3 cpe:/a:isc:bind:9.4.3:rc1 cpe:/a:isc:bind:9.4.3:p2 cpe:/a:isc:bind:9.4.2-p2-w1:windows cpe:/a:isc:bind:9.4.2 cpe:/a:isc:bind:9.4.1 cpe:/a:isc:bind:9.4.0b4 cpe:/a:isc:bind:9.4.0b3 cpe:/a:isc:bind:9.4.0b2 cpe:/a:isc:bind:9.4.0b1 cpe:/a:isc:bind:9.4.0a6 cpe:/a:isc:bind:9.4.0a5 cpe:/a:isc:bind:9.4.0a4 cpe:/a:isc:bind:9.4.0a3 cpe:/a:isc:bind:9.4.0a2 cpe:/a:isc:bind:9.4.0a1 cpe:/a:isc:bind:9.4.0 cpe:/a:isc:bind:9.4.0:rc1 cpe:/a:isc:bind:9.4	54

Open Source Vulnerability Database (OSVDB)

id	Description
56584	ISC BIND Dynamic Update Message Handling Remote DoS

Type	Count
Oval ID(s)	3
CPE ID(s)	54
osvdb(s)	1

Related	Severity
CVE-2009-0696	(Medium)

Same Subject	Severity
Login to view 11 more Alert(s)

RHSA-2009:1179

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU