headers
pao p | 10 Jul 05:16

DNS vulnerability

http://www.linux.com/feature/141080

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
Permalink | Reply |
headers
Michael Cole | 10 Jul 05:29

Re: DNS vulnerability

On Thursday 10 July 2008 11:17:06 am pao p wrote:
> http://www.linux.com/feature/141080
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

All OS and All DNS had this fault. If using Bind 8 Remove and replace with 
Bind 9, Yahoo had to replace all their DNS servers with Bind9.

-- 
Regards, 

        Michael Cole
        LPIC-1 

"The man who does not read good books has no advantage over the man who can't 
read them. "
 - Mark Twain

"It is our choices, Harry, that show what we truly are, far more than our 
abilities." 
— J. K. Rowling

"Wear the old coat and buy the new book." 
— Austin Phelps

"I'm not a teacher: only a fellow traveler of whom you asked the way. I 
pointed ahead – ahead of myself as well as you." 
— George Bernard Shaw

_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
Permalink | Reply |
headers
Danny Ching | 10 Jul 05:42

Re: DNS vulnerability

Couple of questions:

- is bind9 a response to the vulnerability?
- is it compatible with older dns systems?

On Thu, Jul 10, 2008 at 11:29 AM, Michael Cole <colemichae-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
On Thursday 10 July 2008 11:17:06 am pao p wrote:
> http://www.linux.com/feature/141080
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

All OS and All DNS had this fault. If using Bind 8 Remove and replace with
Bind 9, Yahoo had to replace all their DNS servers with Bind9.



--
Regards,

       Michael Cole
       LPIC-1



"The man who does not read good books has no advantage over the man who can't
read them. "
 - Mark Twain

"It is our choices, Harry, that show what we truly are, far more than our
abilities."
— J. K. Rowling

"Wear the old coat and buy the new book."
— Austin Phelps

"I'm not a teacher: only a fellow traveler of whom you asked the way. I
pointed ahead – ahead of myself as well as you."
— George Bernard Shaw


_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph



--
Regards,
Danny Ching 
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
Permalink | Reply |
headers
Michael Cole | 10 Jul 05:51

Re: DNS vulnerability

On Thursday 10 July 2008 11:42:00 am Danny Ching wrote:
> Couple of questions:
>
> - is bind9 a response to the vulnerability?
> - is it compatible with older dns systems?

Bind9 was able to be rebuilt to have the security patch, the same with many 
other varieties, Whereas Bind8 the previous version was not able to be fixed.

Yes they have not broken anything, Other groups like Cisco have also released 
patches for IOS.

So if you have a DNS check the version and upgrade, If you cannot find an 
update remove and replace with a new version.

I understand that all the companies involved will have released a patch 
yesterday... If the update is not recent I would not trust it..

_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
Permalink | Reply |

Gmane