Freedom The Open Source Way Contribute Articles or News to OSForgeOSForge HomeLogout from Forums
Contacting OSForgeOSForge HomeAbout OSForge
  

Root
 Contribute News
 Learning Corner
 Linux Distributions
 Linux Common FAQ's
 Discussion Forums
Community Gallery
Links Directory
Search OSForge
Networking
 Industry Updates
 Linux & Open Source
 Opinions
 Press Release
 Programming
 Security
 Web Development
White Paper
Open-Xchange to Deliver Collaboration Solution Integrated With Parallels Automation
OpenKM - Document Mangement announces version 2.0
SugarCRM Manages End-to-End SaaS Offering with Zenoss
Linux Foundation’s Annual Collaboration Summit Kicks Off
Engine Yard Kicks Off Hackfest Series for Ruby Developers
Plat'Home Launches First Linux-based Eco-Friendly Servers In United States
World’s Largest Python Conference Sees 70 Percent Jump in Attendance
Leading SaaS Infrastructure Provider Deploys Zenoss to Improve Uptime and Reduce Cost
JasperSoft is Most Widely-Deployed Business Intelligence Software in the World

View More »

SOT Linux Advisory: bind
By : Eric Lim [www] Find more article by Eric Lim on Security
Thursday the 6th, June 2002 at 11:59 PM (EDT)
Send this Story to a Friend Readers TalkBack (0) - 967 Reads

Printer Friendly Page Printable format
Send this Story to a Friend Foward to Email

SOT Linux Advisory: bind

1. Problem description


Versions of BIND 9 prior to 9.2.1 have a bug that causes certain
requests to the BIND name server (named) to fail an internal
consistency check, causing the name server to stop responding to
requests. This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers.





2. Updated packages


SOT Linux 2002 Desktop:


i386:
ftp://ftp.sot.com/updates/2002/Desktop/i386/bind-utils-9.2.1-1.i386.rpm


SRPMS:
ftp://ftp.sot.com/updates/2002/Desktop/SRPMS/bind-9.2.1-1.src.rpm



SOT Linux 2002 Server:


i386:
ftp://ftp.sot.com/updates/2002/Server/i386/bind-9.2.1-1.i386.rpm
ftp://ftp.sot.com/updates/2002/Server/i386/bind-utils-9.2.1-1.i386.rpm


SRPMS:
ftp://ftp.sot.com/updates/2002/Server/SRPMS/bind-9.2.1-1.src.rpm



3. Upgrading package


Use up2date to automatically upgrade the fixed packages.


If you want to upgrade manually, download the updated package from
the SOT Linux FTP site (use the links above) or from one of our mirrors.
The list of mirrors can be obtained at www.sot.com/en/linux


Update the package with the following command:
rpm -Uvh filename



4. Verification


All packages are PGP signed by SOT for security.


You can verify each package with the following command:
rpm --checksig filename


If you wish to verify the integrity of the downloaded package, run
"md5sum filename" and compare the output with data given below.



Package Name                              MD5 sum
--------------------------------------------------------------------------
/Desktop/i386/bind-utils-9.2.1-1.i386.rpm 5f3df4a88ed9a2961de6af45c4b0a788     
/Desktop/SRPMS/bind-9.2.1-1.src.rpm       d2e274c8a861c4cd5a9e9b8cb76df44e
/Server/i386/bind-utils-9.2.1-1.i386.rpm  5f3df4a88ed9a2961de6af45c4b0a788
/Server/i386/bind-9.2.1-1.i386.rpm        e74c33d4c0774d92bd629ded5028da04
/Server/SRPMS/bind-9.2.1-1.src.rpm        d2e274c8a861c4cd5a9e9b8cb76df44e



5. References


http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0400


Copyright(c) 2001, 2002 SOT
       

---------------------------------------------------------------------
You can view other update advisories for SOT Linux 2002 at:
http://www.sot.com/en/linux/sa/
---------------------------------------------------------------------
  
Reader Rating from 1-5

 

Poor very 
1
2
3
4
5 		 very Excellent

Talkback

Post Your Talkback | View All Talkback (0 Posted)

 Currently there are no Talkback posted on "SOT Linux Advisory: bind", Click here to be the first to post a talkback.

 
Scroll Up

   About | Term of Use | Privacy | Contact us | Tell a Friend | Advertise  

 OSForge News RSS Feed