bind 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1248848703
업데이트 : 2009.07.29
상세내용
- 9.4.3-3 (9.4.3-P3) update
- fixed CVE-2009-0696
. CVE-2009-0696:
Receipt of a specially-crafted dynamic update message to a zone for which the
server is the master may cause BIND 9 servers to exit. Testing indicates that
the attack packet has to be formulated against a zone for which that machine
is a master. Launching the attack against slave zones does not trigger the assert.
This vulnerability affects all servers that are masters for one or more zones
- it is not limited to those that are configured to allow dynamic updates.
ccess controls will not provide an effective workaround.
dns_db_findrdataset() fails when the prerequisite section of the dynamic update
message contains a record of type “ANY” and where at least one RRset for this
DN exists on the server.
db.c:659: REQUIRE(type != ((dns_rdatatype_t)dns_rdatatype_any)) failed
exiting (due to assertion failure).
현재 exploit 이 활동중이라고 합니다. 즉시 업데이트 하십시오!
Autoupdates 지원 : 일부 지원
pkgsysupdate && pkgadd -F "bind*"
update 패키지
RPMS :
. bind-9.4.3-1.i686.rpm
. bind-utils-9.4.3-1.i686.rpm
. bind-devel-9.4.3-1.i686.rpm
SRPMS :
. bind-9.4.3-1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
http://www.kb.cert.org/vuls/id/725188
https://www.isc.org/node/474
|