[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1298482715.28687.31.camel@localhost>
Date: Wed, 23 Feb 2011 12:38:35 -0500
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-1070-1] Bind vulnerability
===========================================================
Ubuntu Security Notice USN-1070-1 February 23, 2011
bind9 vulnerability
CVE-2011-0414
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.10:
libdns66 1:9.7.1.dfsg.P2-2ubuntu0.2
In general, a standard system update will make all the necessary changes.
Details follow:
It was discovered that Bind incorrectly handled IXFR transfers and dynamic
updates while under heavy load when used as an authoritative server. A
remote attacker could use this flaw to cause Bind to stop responding,
resulting in a denial of service.
Updated packages for Ubuntu 10.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.2.debian.tar.gz
Size/MD5: 633590 e359965f4d7402e02408085af4a4cd32
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.2.dsc
Size/MD5: 2292 423f576862de791b97edf37e95750309
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2.orig.tar.gz
Size/MD5: 6104039 a09aab2a215166e37b741d78d776dfbc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.7.1.dfsg.P2-2ubuntu0.2_all.deb
Size/MD5: 330324 8286b192fe1a5df9988c972c93ceb026
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/host_9.7.1.dfsg.P2-2ubuntu0.2_all.deb
Size/MD5: 17476 1792e7eaad32245086d117c710439e44
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 69730 1c8a0a8b98b217eb83310d1821b1cc1c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 349738 9037f4a622bb56df6a32d6fadce4a73e
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 120940 ef17428138445b9369d12d2fef74eba7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 161304 f7840374de1936fdca7056c0d20449b1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 1493092 5eab9a20c300e9e6ac98ab1a99de51f9
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 37084 e0017c6639f8909bfe7e9b77c5c050d7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 696296 ea1473ba2cad636caaed3a3b65360469
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 169634 4a98361ade04085c3de155b52ac8481d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 31444 12c3dcc49f830df8c120f2b6ae61f827
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 54622 49e4a44091a9e4358f8e6d6e8a3ab8cc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 50068 0ec154c84f2ac697534443cae6525865
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.2_amd64.deb
Size/MD5: 234890 45bbf3f44f097404731d6ae9f391dc30
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 66282 7729872a7cc4d6a447dc13b7f6563609
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 321106 56d1249fd1957643a45ceba86f40d8e4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 111704 31cce7e333e0a7872b4d5d12d69bcf72
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 150772 09938abe28594324b475749255eb4ea8
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 1417262 dbf1cd20c2b4b10208d7eb9c751c1f1e
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 37320 7b2e67dcec38c8af0d57a114562b7144
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 654184 0729856ebed628cfbe7cc5d338552bba
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 156582 416eb9b5ff48fef5968fa57a3199b1d9
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 30010 0369a637c6d0833e7381293562604ebc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 47884 ef689385fe66b2dd42ba99c46a97ef4b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 48616 07c5e3eaac12cbb8ac5b9852bd9aed89
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.2_i386.deb
Size/MD5: 221284 e939144f47f77187f8ca4c8d07c2645a
armel architecture (ARM Architecture):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 68518 ecebf012ada2d2fe81bb5cc85ef7dd9a
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 331622 db7d728046eb5666093da95229181bbb
http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 112430 bee409ecb3342aeb1f9e9fa832b4307b
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 157122 5b3ea1bf0358331c1232cd4bfc63e525
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 1446262 e81d0993683a3cbbb5deadc319415468
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 37296 05bce3c11513ae48dac282384b9f8ef2
http://ports.ubuntu.com/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 667836 3136961b68f1c87a7f9f80ed1df01277
http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 166214 db836c2ca7d367cbe50f19fa8ebd554d
http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 29762 706b2de47ae03e24643b596b11acf8af
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 47376 35e241d08173d2ddab95f1d04517decd
http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 47504 9359b97549f8d2c7885a558305bda868
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.2_armel.deb
Size/MD5: 232044 e953069ab11afd15feb7d3be4421ed71
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 69828 6c9489b7b01d677de81a85202e0c084f
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 338524 20afddc2becaea17f22a5fa977b9c9db
http://ports.ubuntu.com/pool/main/b/bind9/bind9utils_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 119356 15966a3e0edce568f4a49e0829c7a977
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 160668 2cf63beb51141cddf08574d85571e8ff
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 1390074 a71ce7daf9e242ae41ef23c5d76f444e
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-60_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 37682 6c9e9817472f1e47a42dbadeb4e388a9
http://ports.ubuntu.com/pool/main/b/bind9/libdns66_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 672274 e1eed6b4d5f47ae35fdcafa58eec355e
http://ports.ubuntu.com/pool/main/b/bind9/libisc60_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 162448 daac152164e2b926eb153823cef58755
http://ports.ubuntu.com/pool/main/b/bind9/libisccc60_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 30732 ca150687d970df031330738aeb2e1670
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg60_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 50676 a464f3130db836ec63d59b615a2b42ca
http://ports.ubuntu.com/pool/main/b/bind9/liblwres60_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 48938 d4bb6e119091033ed7a9b5d5d410fc42
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.7.1.dfsg.P2-2ubuntu0.2_powerpc.deb
Size/MD5: 235280 d00611031e6cf113fa104721b828c8f4
Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists