Debian bind DNS Cache Poisoning Vulnerability - Advisories

Debian bind DNS Cache Poisoning Vulnerability

Secunia Advisory:	SA30989
Release Date:	2008-07-09

Critical:	Moderately critical
Impact:	Spoofing
Where:	From remote
Solution Status:	Vendor Workaround

OS:	Debian GNU/Linux 4.0


CVE reference:	CVE-2008-1447 (Secunia mirror)



Description: Debian has acknowledged a vulnerability in bind, which can be exploited by malicious people to poison the DNS cache. For more information: SA30973 Solution: There is no updated bind package. The vendor recommends to migrate to bind9 instead. http://lists.debian.org/debian-security-announce/2008/msg00185.html Original Advisory: http://lists.debian.org/debian-security-announce/2008/msg00185.html Other References: SA30973: http://secunia.com/advisories/30973/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

333 Related Secunia Security Advisories, displaying 10

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Opera Multiple Vulnerabilities

2.	Trend Micro Products Web Management Authentication Bypass

3.	phpBB "url" bbcode Script Insertion Vulnerability

4.	Red Hat Directory Server Multiple Vulnerabilities

5.	JustSystems Ichitaro Products Unspecified Code Execution Vulnerability

6.	Honeyd "test.sh" Insecure Temporary Files

7.	Ampache "gather-message s.sh" Insecure Temporary Files

8.	Tiger "genmsgidx" Insecure Temporary Files

9.	Mono Sys.Web HTTP Header Injection Vulnerability

10.	OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability