Date:         Wed, 20 Jan 2010 13:25:21 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Moderate: bind on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: bind security update
Issue date:	2010-01-20
CVE Names:	CVE-2010-0097 CVE-2010-0290

CVE-2010-0097 BIND DNSSEC NSEC/NSEC3 validation code could cause bogus 
NXDOMAIN responses
CVE-2010-0290 BIND upstream fix for CVE-2009-4022 is incomplete

A flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If BIND 
was running as a DNSSEC-validating resolver, it could incorrectly cache
NXDOMAIN responses, as if they were valid, for records proven by NSEC or
NSEC3 to exist. A remote attacker could use this flaw to cause a BIND
server to return the bogus, cached NXDOMAIN responses for valid records 
and prevent users from retrieving those records (denial of service).
(CVE-2010-0097)

The original fix for CVE-2009-4022 was found to be incomplete. BIND was
incorrectly caching certain responses without performing proper DNSSEC
validation. CNAME and DNAME records could be cached, without proper 
DNSSEC validation, when received from processing recursive client 
queries that requested DNSSEC records but indicated that checking should 
be disabled. A remote attacker could use this flaw to bypass the DNSSEC 
validation check and perform a cache poisoning attack if the target BIND 
server was receiving such client queries. (CVE-2010-0290)

After installing the update, the BIND daemon (named) will be restarted 
automatically.

SL 5.x

     SRPMS:
bind-9.3.6-4.P1.el5_4.2.src.rpm
     i386:
bind-9.3.6-4.P1.el5_4.2.i386.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.i386.rpm
bind-utils-9.3.6-4.P1.el5_4.2.i386.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.i386.rpm
     x86_64:
bind-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-utils-9.3.6-4.P1.el5_4.2.x86_64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2010-0097 Moderate: bind SL5.x i386/x86_64

Moderate: bind security update

Summary

CVE-2010-0290 BIND upstream fix for CVE-2009-4022 is incompleteA flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If BINDwas running as a DNSSEC-validating resolver, it could incorrectly cacheNXDOMAIN responses, as if they were valid, for records proven by NSEC orNSEC3 to exist. A remote attacker could use this flaw to cause a BINDserver to return the bogus, cached NXDOMAIN responses for valid recordsand prevent users from retrieving those records (denial of service).(CVE-2010-0097)The original fix for CVE-2009-4022 was found to be incomplete. BIND wasincorrectly caching certain responses without performing proper DNSSECvalidation. CNAME and DNAME records could be cached, without properDNSSEC validation, when received from processing recursive clientqueries that requested DNSSEC records but indicated that checking shouldbe disabled. A remote attacker could use this flaw to bypass the DNSSECvalidation check and perform a cache poisoning attack if the target BINDserver was receiving such client queries. (CVE-2010-0290)After installing the update, the BIND daemon (named) will be restartedautomatically.SL 5.xSRPMS:bind-9.3.6-4.P1.el5_4.2.src.rpmi386:bind-9.3.6-4.P1.el5_4.2.i386.rpmbind-chroot-9.3.6-4.P1.el5_4.2.i386.rpmbind-devel-9.3.6-4.P1.el5_4.2.i386.rpmbind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpmbind-libs-9.3.6-4.P1.el5_4.2.i386.rpmbind-sdb-9.3.6-4.P1.el5_4.2.i386.rpmbind-utils-9.3.6-4.P1.el5_4.2.i386.rpmcaching-nameserver-9.3.6-4.P1.el5_4.2.i386.rpmx86_64:bind-9.3.6-4.P1.el5_4.2.x86_64.rpmbind-chroot-9.3.6-4.P1.el5_4.2.x86_64.rpmbind-devel-9.3.6-4.P1.el5_4.2.i386.rpmbind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpmbind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpmbind-libbind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpmbind-libs-9.3.6-4.P1.el5_4.2.i386.rpmbind-libs-9.3.6-4.P1.el5_4.2.x86_64.rpmbind-sdb-9.3.6-4.P1.el5_4.2.x86_64.rpmbind-utils-9.3.6-4.P1.el5_4.2.x86_64.rpmcaching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity
Issued Date: : 2010-01-20
CVE Names: CVE-2010-0097 CVE-2010-0290
CVE-2010-0097 BIND DNSSEC NSEC/NSEC3 validation code could cause bogus
NXDOMAIN responses

Related News

19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved