[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2009:0020-01 -- Redhat bind

ID: oval:org.secpod.oval:def:500559Date: (C)2012-01-31   (M)2023-11-22
Class: PATCHFamily: unix




BIND is an implementation of the DNS protocols. A flaw was discovered in the way BIND checked the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks. For users of Red Hat Enterprise Linux 3 this update also addresses a bug which can cause BIND to occasionally exit with an assertion failure. All BIND users are advised to upgrade to the updated package, which contains a backported patch to resolve this issue. After installing the update, BIND daemon will be restarted automatically.

Platform:
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 2.1
Product:
bind
Reference:
RHSA-2009:0020-01
CVE-2009-0025
CVE    1
CVE-2009-0025
CPE    89
cpe:/a:isc:bind:4
cpe:/a:isc:bind:8.3.6
cpe:/a:isc:bind:8.3.5
cpe:/o:redhat:enterprise_linux:2.1
...

© SecPod Technologies