|
|
>> Fedora Security Update Fixes Bind Query ID Generation DNS Cache Poisoning
|
Title : Fedora Security Update Fixes Bind Query ID Generation DNS Cache Poisoning
VUPEN ID : VUPEN/ADV-2007-2714
CVE ID : CVE-2007-2926
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
|
A vulnerability has been identified in Fedora, which could be exploited by attackers to gain knowledge of sensitive information. For additional information, see : VUPEN/ADV-2007-2627
Affected Products
Fedora Core 6
Solution
Upgrade the affected packages :
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
8799e54d86ca838e2973aeafa47ca6d76641a87f SRPMS/bind-9.3.4-7.P1.fc6.src.rpm
8799e54d86ca838e2973aeafa47ca6d76641a87f noarch/bind-9.3.4-7.P1.fc6.src.rpm
037fa8015cfbf24b263f7af61a6bc70cddc4d41e ppc/bind-sdb-9.3.4-7.P1.fc6.ppc.rpm
322c011099123e45fa7cd55ed64c0e3d7c8fd71d ppc/bind-devel-9.3.4-7.P1.fc6.ppc.rpm
98660445c6f27ca73ebef5467b7e9363f4b4a238 ppc/bind-libbind-devel-9.3.4-7.P1.fc6.ppc.rpm
f99da939a5539555c2d215a9faa89597f20c3722 ppc/bind-9.3.4-7.P1.fc6.ppc.rpm
15acb2e13b6f2f53f4a641e9dd0c700f559caf1e ppc/debug/bind-debuginfo-9.3.4-7.P1.fc6.ppc.rpm
192238293a49fa261b1f6a75cee8194f5993c6cd ppc/caching-nameserver-9.3.4-7.P1.fc6.ppc.rpm
971a80b918a51c7aece251d0a70dea01c3d54a1c ppc/bind-libs-9.3.4-7.P1.fc6.ppc.rpm
debe2be557f58742a700e8123492cf0a7f741bbb ppc/bind-chroot-9.3.4-7.P1.fc6.ppc.rpm
73638bdf1045edb82e8da25ff281212bc99fef60 ppc/bind-utils-9.3.4-7.P1.fc6.ppc.rpm
4e17b642fd3e50f1112f3cadce51f38892d8833e x86_64/bind-utils-9.3.4-7.P1.fc6.x86_64.rpm
14e4487e37edcc7a526e434353e1b4d8f20835fb x86_64/bind-libbind-devel-9.3.4-7.P1.fc6.x86_64.rpm
64064c33790bd6f288e0e9d791735c88cda90b3b x86_64/bind-libs-9.3.4-7.P1.fc6.x86_64.rpm
6c07bed1ed4342d28ad4c032a677f7e6ef1761c7 x86_64/caching-nameserver-9.3.4-7.P1.fc6.x86_64.rpm
c0c024076b5a0a9ac919fe5688ecb9b96c83aafb x86_64/bind-devel-9.3.4-7.P1.fc6.x86_64.rpm
419f768b882fc92ac3891a6c4757439d9811b75d x86_64/bind-chroot-9.3.4-7.P1.fc6.x86_64.rpm
33664d391d539b450383f7619c04f7fde27f0bf2 x86_64/debug/bind-debuginfo-9.3.4-7.P1.fc6.x86_64.rpm
715bac1ea6a8d418601d95bb54c20974222b2e16 x86_64/bind-sdb-9.3.4-7.P1.fc6.x86_64.rpm
b88c93ea147495878cb65fc0d708c218bd237353 x86_64/bind-9.3.4-7.P1.fc6.x86_64.rpm
960c2580f1b602e282f7cba7ae852fa64fb1e371 i386/bind-9.3.4-7.P1.fc6.i386.rpm
0a4047d8ae9dc83c8009f08adc45a20425f48f90 i386/bind-devel-9.3.4-7.P1.fc6.i386.rpm
0d78d3afaf856f76c6d889e75e91a342192fcceb i386/bind-libs-9.3.4-7.P1.fc6.i386.rpm
c6aa9c9cd339304297d72bfca8c1abe59c476afe i386/bind-chroot-9.3.4-7.P1.fc6.i386.rpm
bafcc716f31aceb36b580c0a624c99763e063df8 i386/debug/bind-debuginfo-9.3.4-7.P1.fc6.i386.rpm
1de28a524dbbfabfa08ea52ee02f418c54059db0 i386/bind-libbind-devel-9.3.4-7.P1.fc6.i386.rpm
3bb9de51eadd5374755688954bbdd9b9ec96eb68 i386/caching-nameserver-9.3.4-7.P1.fc6.i386.rpm
68ae1b0e23086efd44e4f0f796b1a12368d2f9c9 i386/bind-utils-9.3.4-7.P1.fc6.i386.rpm
a5b1c647a7df8e4fc9b531ad5176102f2567092d i386/bind-sdb-9.3.4-7.P1.fc6.i386.rpm
References
http://www.vupen.com/english/advisories/2007/2714
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00487.html
ChangeLog
2007-07-31 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
