bind 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1159953314
업데이트 : 2006.10.04
상세내용
Bind 는 name server 를 운영하기 위한 데몬이다.
- 9.3.2-P1 update
- security fixed
CAN-2005-0034:
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0,
when DNSSEC is enabled, allows remote attackers to cause a denial of service
(named server exit) via crafted DNS packets that cause an internal consistency
test (self-check) to fail.
CVE-2006-4095:
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause
a denial of service (crash) via certain SIG queries, which cause an assertion
failure when multiple RRsets are returned.
CVE-2006-4096:
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause
a denial of service (crash) via a flood of recursive queries, which cause an
INSIST failure when the response is received after the recursion queue is empty.
Autoupdates 지원 : 일부 지원
bind-utils => pkgsysupdate
pkgadd -F bind bind-devel
update 패키지
RPMS :
. bind-9.3.2-3.i686.rpm
. bind-utils-9.3.2-3.i686.rpm
. bind-devel-9.3.2-3.i686.rpm
SRPMS :
. bind-9.3.2-3.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0034
|