SuSE Security Advisory SUSE-SA:2009:005 (bind) Network Vulnerability

Summary

The remote host is missing updates announced in advisory SUSE-SA:2009:005.

Solution

Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:005

Insight

The DNS daemon bind is used to resolve and lookup addresses on the internet. Some month ago a vulnerability in the DNS protocol and its numbers was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifys the certification chain of a DNS- SEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.

Severity

Classification

CVE CVE-2009-0025
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

SLES10: Security update for perl-Net-DNS
SLES10: Security update for file
SLES10: Security update for nagios
SLES10: Security update for Apache 2
SLES10: Security update for libvorbis

Take action and discover your vulnerabilities